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NETWORK  INFRASTRUCTURE 

11  How  to  cut  IT  costs  with  less  pain. 

15  Virtual  desktops  getting  security 
boost. 

42  Opinion  ’Net  BuzziTrojan  takes 
‘Office  Space’  approach  to  stealing 
from  mobile-phone  customers. 

42  Opinion  BackSpin:  Place  your 
bets  against  malware. 

ENTERPRISE  COMPUTING 

12  Vegas  data  center  bets  on  100% 
uptime. 

APPLICATION  SERVICES 

4  IBM/Lotus  cranks  up  cloud  efforts. 

TECH  UPDATE 

16  Customizing  the  operating  system. 


■  HyperSpace  software  helps  save 
a  Windows  notebook’s  battery  life 
by  speeding  up  the  power-up  and 
power-down  sequence. 

See  Cool  Tools,  page  25. 


GOODBADUGLY 

ObamaBerry  a  go 

The  White  House  has  con¬ 
firmed  that  President  Barack 
Obama  will  have  the  use  of  a 
security-enhanced  BlackBerry, 
to  correspond  with  a  small 
group  of  personal  friends  and 
senior  staff.  Press  Secretary 
Robert  Gibbs  said  the  wire¬ 
less  e-mail  communications 
will  be  secure,  and  that  hackers 
will  not  be  able  to  access  GPS 
coordinates  on  the  device  to 
its  location. 

Cell  phone  customers  confused 

A  survey  of  400  American  and  British  cell 
phone  users  finds  widespread  dissatisfac¬ 
tion  with  cellular  data  services.  By  lopsided 
majorities,  these  users  find  setting  up  their 
cell  phones,  and  activating  and  using  new 
data  services  way  too  complicated  and  too 
confusing,  according  to  the  survey,  con¬ 
ducted  on  behalf  of  a  mobile-phone  soft¬ 
ware  firm.  Nearly  half  say  setup  issues  are 
the  reason  they  refuse  to  upgrade  to  more 
sophisticated  mobile  phones. 


25  Mark  Gibbs:  Goodbye  malware, 
hello  micro-projector. 

25  Keith  Shaw:  HyperSpace:  More 
like  impulse  power. 
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Belkin’s  fake  reviews  mess 
The  president  of  network  equipment  maker 
Belkin  has  disavowed  the  actions  of  an 
employee  who  apparently  offered  to  pay  for 
positive  user  reviews  of  the  company’s  prod¬ 
ucts  —  and  for  marking  negative  reviews  as 
"unhelpful.”  “Belkin  does  not  participate  in, 
nor  does  it  endorse,  unethical  practices  like 
this,"  Mark  Reynoso  wrote  in  a  letter  that 
appears  on  Belkin’s  Web  site. 
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Today,  datacenters  eat  up  to  30  times  more  energy  per  square  foot  than  a 
typical  office.  The  answer:  IBM  green  datacenter  and  IT  services.  They 
can  help  you  implement  a  conservation  policy  and  measure,  manage  and 
report  on  real  results  against  it.  Many  IBM  customers  have  doubled  their 
IT  capacity;  others  have  reduced  energy  costs  by  40%  or  more.  A  greener 
world  starts  with  greener  business.  Greener  business  starts  with  IBM. 
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SYSTEMS.  SOFTWARE.  SERVICES.  FOR  A  GREENER  WORLD. 

Take  the  first  step  toward  a  greener  datacenter  at  ibm.conn/green/services 
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IBM/Lotus  cranks  up  cloud  efforts 


Strengths  and  weaknesses 

IBM/Lotus  plans  to  roll  out  a  hosted  collaboration  suite  over  the  course  of 
2009  called  LotusLive.The  company  is  hoping  to  grab  a  stake  in  the  demand 
for  hosted  applications. 


Strengths 

Weaknesses 

Proven  collection  of  collaboration  tools, 
including  strong  set  of  social-networking 
applications  designed  for  the  enterprise. 

IBM  is  not  a  traditional  provider  to  the 
small-to-midsize  business  market,  where 
software-as-a-service  has  a  strong  play. 

Solid  integration  hooks  via  Eclipse 
foundation  into  third-party  applications 
and  on-premises  software. 

Back-end  messaging  infrastructure  of 
LotusLive  is  a  work  in  progress,  as  is  the 
road  map  for  the  suite. 

IBM/Lotus  has  been  working  on  LotusLive 
since  the  introduction  of  Bluehouse  in  early 
2008. 

Competition  is  fierce  with  Cisco,  Microsoft 
and  Google  —  not  only  for  customers  but 
for  reseller  partners. 

BY  JOHN  FONTANA 

Seeking  to  break  out  from  behind  the  fire¬ 
wall,  IBM/Lotus  is  cloning  its  collaboration  fam¬ 
ily  for  the  cloud  and  embarking  on  a  course 
that  could  define  the  future  of  its  applications. 

The  company  last  week  changed  the  name 
of  its  year-old  Bluehouse  cloud  services  project 
to  LotusLive,  and  signaled  that  it  is  officially  in 
the  software-as-a-service  competition. 

The  company  however,  could  only  sketch  out 
a  rough  outline  that  was  full  of  technological 
gaps,  vague  on  delivery  dates  and  empty  of 
pricing. 

LotusLive  includes  hosted  services,  such  as 
messaging,  conferencing  and  social  network¬ 
ing,  cast  in  the  likeness  of  Lotus’  on-premises 
tools.  Also  planned  are  plug-ins  to  connect  the 
online  and  on-premises  software. 

IBM/Lotus  faces  a  number  of  challenges  in¬ 
cluding  integrating  newly  purchased  online 
messaging  technology  from  Hong  Kong-based 
provider  Outblaze,  tying  together  the  online 
suite  with  on-premises  software,  and  wooing 
small-to-midsize  businesses  (SMB)  historically 
absent  from  IBM’s  radar. 

In  addition,  to  prosper,  IBM/Lotus  must  estab¬ 
lish  a  reseller  channel  against  such  giant 
online-collaboration  competitors  as  Microsoft, 
Cisco  and  Google. 

In  its  first  appearance  at  the  company’s 
annual  Lotusphere  conference,  LotusLive  drew 
rough  critiques  from  some  analysts  and  poten¬ 
tial  users,  along  with  a  smattering  of  kudos 
from  pundits  and  early  adopters. 

Despite  the  differences  of  opinion,  all  agree 
IBM/Lotus  has  work  to  do  and  has  about  12  to 
18  months  to  define  the  platform,  whip  it  into 
shape  and  prove  LotusLive  can  sell. 

“Since  IBM  started  talking  about  Bluehouse 
my  thought  was  if  they  do  it  really  well,  it  could 
be  really  really  good,”  said  Jonathan  Spira,CEO 
and  chief  analyst  of  consulting  firm  Basex.“It’s 
out  of  beta  because  they  are  selling  it,  but  it 
looks  to  me  like  all  the  pieces  are  not  put 
together  yet.” 

The  pieces  that  are  together  and  available 
are  LotusLive  Notes  (based  on  Hosted  Notes), 
and  Meetings  and  Events,  which  are  based  on 
Sarnetime. 

Last  week,  IBM/Lotus  unveiled  a  beta  of  Lotus- 
Live  Engage, a  bundle  of  services  including  Web 
mail,  instant  messaging,  Web  conferencing,  file 
sharing,  charts  and  forms.  The  company 
promised  other  bundles  targeting  specific 
industries  and  needs,  or  a  la  carte  delivery  of 
services.  IBM/Lotus  officials  would  say  only  that 
the  pieces  would  be  released  throughout  2009. 

To  start,  however,  many  analysts  panned 


Engage  as  ill-defined,  immature  and  reac¬ 
tionary  “It  is  a  work  in  progress,”  said  Kathleen 
Reidy  senior  analyst  with  The  451  Group. “Last 
year,  Bluehouse  was  about  SMB,  but  this  year,  it 
is  how  you  extend  internal  investments  to  the 
external  cloud. So,  is  it  SMB  or  an  extension  for 
enterprise  customers  to  do  extranets?  Can  you 
do  both  at  once  with  this  new  service?  Those 
are  two  different  markets.” 

Another  big  question  concerned  LotusLive 
iNotes,  a  lightweight  messaging  service  that 
will  be  based  on  Outblaze  Web  mail  technol¬ 
ogy  not  Notes/Domino.  IBM/Lotus  acquired  the 
technology  on  Jan.  15  and  inserted  it  into  the 
LotusLive  lineup  just  a  few  days  before  its 
unveiling.  Left  out  was  the  company’s  own 
Notes-based  Web  email  technology 

Outblaze  includes  a  distributed  administra¬ 
tion  technology  and  branding  options 
IBM/Lotus  lacked,  Lotus  officials  said. 

“We  wanted  to  go  a  step  further  and  do  dis¬ 
tribution  models  with  telcos  and  other 
resellers,  which  is  a  key  part  of  our  strategy  or 
do  private  labeling  or  co-branding,”  says  Sean 
Poulley  vice  president  of  online  collaboration 
service  for  Lotus  Software.“We  don’t  have  those 
skills  yet  in  our  business,  so  it  makes  sense  to 
get  additional  intellectual  property  assets  and 
skills,  and  integrate  that.”  In  addition,  Outblaze 
brings  along  40  million  users. 

But  getting  those  assets  means  they  have  to 
be  integrated  into  the  platform.  “On  the  tech 
side,  they  are  stitching  together  a  lot  of  different 
moving  parts,”  says  Gartner  analyst  Matt  Cain. 
“With  Engage  you  have  Sametime  for  IM, 
Outblaze  for  e-mail  and  activities  from  Lotus 
Connections.  Delivering  a  platform  stitched 


together  from  many  parts  and  making  it  ele¬ 
gant  is  tough.” 

Others  called  LotusLive  a  panicked  response 
to  recent  online  collaboration  moves  by 
Microsoft,  Cisco  and  Google. 

“It  all  indicates  a  lack  of  vision,  a  lack  of  a 
common  architecture,  and  1  am  not  very 
impressed,”  said  David  Ferris,  president  and 
senior  analyst  with  Ferris  Research. 

Some  Lotusphere  attendees  also  gave 
LotusLive  a  lukewarm  reception. 

Rene  Vandal,  a  systems  integrator  with 
Telefilm  Canada,  said  his  company  was  busy 
building  a  WebSphere  portal.  “LotusLive  looks 
interesting,  but  I  don’t  think  we’ll  have  a  solu¬ 
tion  like  that.” 

An  IT  architect  from  a  financial  services  firm, 
who  requested  anonymity  said  his  company 
was  too  wrapped  up  in  a  migration  from  Notes 
6.5  to  even  think  twice  about  LotusLive. 

But  it  wasn’t  all  cat-calling  last  week.  At 
Lotusphere,  IBM/Lotus  unveiled  partnerships 
with  Linkedln,  Salesforce.com  and  Skype  that 
will  integrate  those  services  into  LotusLive.The 
partnerships  provide  an  example  of  the  exten¬ 
sibility  of  the  platform. 

Some  analysts  said  LotusLive  showed  a  lot  of 
forethought  on  IBM’s  part,  including  using  the 
Eclipse  platform  as  the  foundation  to  tie 
together  not  only  IBM  software  but  wares  from 
third  parties  as  well. 

“The  vision  they  showed  was  comprehen¬ 
sive,  and  beyond  where  I  thought  they  were 
going  six  months  ago,”  said  IDC  analyst  Robert 
Mahowald.  “What  IBM  has  built  by  adding 
social  software  and  Symphony  shows  me  this 
is  a  taking-the-gloves-off  approach.”  ■ 
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CARBON 
COUNTING 
FOR  BEAN 
COUNTERS. 


IBM  collaboration  software  and  services  connect  people  faster  wherever 
they  are,  which  means  less  jet  fuel,  energy  and  money.  And  IBM  software’s 
advanced  deduplication  and  data  compression  can  lower  the  energy  and 
space  costs  of  your  collaboration  infrastructure  by  up  to  half.  A  greener  world 
starts  with  greener  business.  Greener  business  starts  with  IBM. 


SYSTEMS.  SOFTWARE.  SERVICES.  FOR  A  GREENER  WORLD. 

See  tRegrS'en  demo  at  ibm.com/green/collaboration 
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FCC  needs  to  go  beyond  net 
neutrality 

Re:  FCC:  How  will  changing  of  the  guard 
impact  big  telecom  issues?  (www.nwdocfind 
er.  com/8436): 

The  Electronics  Manufacturers  Association 
was  so  horrified  about  what  happened  with 
AM  stereo  by  the  laissez-faire  attitude  of  the 
Reagan-era  FCC  [that  it]  set  up  a  task  force  to 
design  a  stereo-sound  standard  for  TV  broad¬ 
casting,  and  present 


the  proposal  to  the 
FCC.  Some  legal 
trickery  was  devised 
to  prevent  incompat¬ 
ible,  competing  stan¬ 
dards  from  confus¬ 
ing  the  marketplace. 

Another  ideologi¬ 
cally  driven  decision 

of  the  FCC  has  been  causing  most  indepen¬ 
dent  ISPs  to  go  out  of  business  because  the 
dominant  phone  companies  and  cable  com¬ 
panies  were  allowed  to  block  wholesale  pur¬ 
chases  at  reasonable-rates  access  to  the  broad¬ 
band  lines.  Moreover,  the  FCC  has  set  mini¬ 
mum  bandwidth  limits  so  restrictive  that  even 
in  rural  areas,  where  no  affordable  and  viable 
land-based  broadband  service  is  available, 
competing  dial-up  service  has  essentially  been 
rendered  useless.  At  the  allowable  minimum 
rate  of  19.6KB  (28.8KB  or  in  bad  weather, 
26.4KB  most  typical),  most  Web  sites  simply  do 
not  function  at  all!  All  the  rate-cutting  in  the 
world  by  the  few  remaining  dial-up  ISPs’ 
providers  cannot  overcome  this  limitation. 
Certainly  a  newly  reconstituted  FCC  could  act 
in  an  interim  move  until  broadband  build-out 
reaches  the  deprived  outlying  and  rural  areas, 
to  require  all  dial-up  lines  to  be  able  to  pass  a 
minimum  of  48.8KB  until  reasonably  priced 
and  capable  broadband  reaches  these  areas. 

What  is  needed  in  the  FCC  is  competent 
problem-solvers  rather  than  narrow-minded 
ideologues  who  have  little  regard  for  the 
impacts  their  actions  have  on  society  at  large. 

Louis  A.  Carliner 

Discuss  at  www.nwdocfinder.com/8437 


**What  is  needed  in  the  FCC 
is  truly  competent  problem- 
solvers  rather  than  narrow¬ 
minded  ideologues.  55 
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SCAN  THIS  CODE 
with  your  cell 
phone  to  get  the 
latest  IT  network 
news  delivered  to 
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To  get  the  client 
software,  use  your  phone  browser  to 
visit  wap.connexto.com 

For  more  information  on  code  scanning 
see  www.nww.com/codescan 


Shame  on  Judge  Greene  and 
the  feds 

Re:  Does  the  AT&T  breakup  still  matter  25 
years  on?  (www.nwdocfinder.com/8438) 

This  article  offers  some  interesting  points 
of  view.  My  simple  questions  would  be 
these:  Does  anyone  believe  breaking  up 
Bell  Labs  was  a  good  thing?  And  where 
would  we  be  if  all  the  subsequent  advertis¬ 
ing  dollars  spent  by  the  Baby  Bells  had 

instead  been  spent 
on  R&D?  I  know  my 
answers,  and  shame 
on  Judge  Greene 
and  the  U.S.  govern¬ 
ment  for  disman¬ 
tling  what  was  a 
very  productive  ele¬ 
ment  of  the  national 
R&D  enterprise. 

Mark  Strauch 

Discuss  at  www.nwdocfinder.com/8439 

Open  source  in  the  cloud 

Re:  Consortium  tackles  cloud  computing 
standards  (www.nwdocfinder.com/8440): 

Excellent  move,  totally  support  it. 

I  did  a  talk  back  at  OSCON  ’07  (see  www.nw 
docfinder.com/8441)  on  the  necessity  for 
open  source  in  utility  computing  (or  what  we 
now  call  cloud). 

Portability  needs  both  open-sourced  oper¬ 
ational  code  to  be  the  reference  standard 
(rather  than  open  specifications),  com¬ 
bined  with  a  multitude  of  providers  and  as¬ 
surance  services. 

The  goal  that  “you  would  not  have  to  rewrite 
that  application  if  you  shifted  the  provider  of 
cloud  services”  is  excellent. 

Simon  Wardley 
Software  Services  Manager 
Canonical 

Discuss  at  www.nwdocfinder.com/8442 

An  alternative  to  FTP 

Re:  Using  a  packet  trace  to  show  TCP 
throughput  (www.nwdocfinder.com/8443): 

We  had  this  exact  problem  on  our  OC-3 
link.  Our  FTP  transfers  were  horribly  slow. 
We  didn't  get  anywhere  near  the  through¬ 
put  we  expected.  We  actually  found  a  prod¬ 
uct  called  FileCatalyst  that  uses  [User 
Datagram  Protocol]  rather  than  TCP  to 
transfer  files.  It  is  commercial,  but  consid¬ 
ering  how  much  money  we  were  wasting 
by  not  fixing  the  issue,  it  was  a  small  price 
to  pay.  That,  and  it  was  actually  really  easy 
to  use. 

Alan  Jenkins 

Discuss  at  www.nwdocfinder.com/8443 


E-mail  letters  to  jdix@nww.com  or  send  them 
to  John  Dix,  editor  in  chief,  Network  World,  492 
Old  Connecticut  Path,  Framingham,  MA  0]  701- 
9002.  Please  include  phone  number  and  address 
for  verification 
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Robots  go  gaming 

A  Japanese  company 
has  a  new  idea  for  its 
robots  —  let  users  con¬ 
trol  them  in  a  crane- 
game-like  arcade 
machine. 

www.nwdocfinder.com/8444 


TV  that  watches  you 

New  Sony  TV  includes  a 
sensor  that  can  tell  if 
it's  being  watched  —  if 
not,  it  powers  down. 

www.nwdocfmder.com/8445 


Bicycle  built  for  hills 

Schwinn’s  new  electric 
bicycle  includes  pedal- 
assist  features  to  help 
you  up  those  big  hills. 

www.nwdocfinder.com/8446 
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NEWSLETTERS 


Why  HP  is  the  ‘Cisco  of  net¬ 
work  mgmt  software'  to  some 


SPHERE 


■  Microsoft  lays  off  thousands,  promis¬ 
es  thousands  of  new  jobs.  The  Microsoft 
Subnet  blog  reported,  “Microsoft  said  it  will 
cut  up  to  5,000  jobs  in  R&D,  marketing,  sales, 
finance,  legal,  human  resources  and  IT  over 
the  next  18  months.  The  first  1,400  jobs  were 
cut  Jan.  22,  the  day  of  Microsoft’s  second - 
quarter  earnings  announcement.  On  top  of 
that,  Microsoft  initiated  a  pay  freeze  for  the 
next  fiscal  year.  These  initiatives,  plus  other 
cuts  on  spending  (such  as  killing/reducing 
construction  projects,  and  cutting  down  on 
marketing)  will  reduce  the  company's  annual 
operating  expense  run  rate  by  approximately 
$1.5  billion  and  reduce  fiscal  year  2009  capital 
expenditures  by  $700  million,  the  company 
said.  Microsoft  promised  that  it  will  also  be 
adding  a  “few  thousands”  jobs  in  areas  like 
“search,”  said  CEO  Steve  Ballmer  in  a  con¬ 
ference  call.  Will  those  be  U.S.  jobs?  That’s 
unclear.”  www.nwdocfinder.com/8447 

■  White  House:  Obama  to  use  security- 
enhanced  BlackBerry.  John  Cox  reports  in 
his  On  Wireless  blog:  “In  today’s  just-con¬ 
cluded  press  briefing,  the  White  House  has 
confirmed  that  President  Barack  Obama  will 
have  the  use  of  a  security-enhanced  Black- 
Berry,  to  correspond  with  a  small  group  of 
personal  friends  and  senior  staff.  Press 
Secretary  Robert  Gibbs  said  the  wireless  e- 
mail  communications  will  be  secure,  and  that 
hackers  will  not  be  able  to  access  GPS  coor¬ 
dinates  on  the  device  to  pinpoint  its  location. 
When  asked  if  other  friends  and  members  of 
Congress  would  be  able  to  e-mail  the  presi¬ 
dent,  Gibbs  declined  to  answer  on  security 
grounds.  Gibbs  confirmed  that  all  wireless  e- 
mails  will  be  covered  by  the  Presidential 
Records  Act,  and  made  public  in  due  course 
under  the  act's  provisions." 
www.nwdocfinder.com/8448 

■  Brad  Reese  writes  in  his  On  Cisco 
blog.  "In  moving  forward  on  his  technology 
agenda,  President-elect  Obama  appears 
close  to  appointing  Cisco  Chief  Technology 
Officer  Padmasree  Warrior  to  the  newly  cre¬ 
ated  position  of  U.S.  CTO.  In  the  opinion  of 
yours  truly,  that  would  be  a  huge  win  for 
Cisco,  but  a  total  disaster  for  America,  why? 
Because  Cisco  gets  to  dump  its  incompetent 
executive  deadwood  on  the  American  public, 
while  creating  untold  conflicts  of  interest 
with  an  incompetent  U.S.  CTO  beholden  to  a 
former  employer,  the  largest  networking 
technology  vendor  in  the  United  States. 
Heck,  President  George  W.  Bush  has  an 
impressive  r6sum6  too,  but  would  you  hire 
the  guy?  Don’t  be  shy  now,  tell  us  if  you  would 
hire  him  and  why!” 
www.nwdocfinder.com/8449 


Network  management:  The  economic  cli¬ 
mate  has  most  if  not  all  enterprise  network 
managers  reassessing  the  tools  they  have  in 
house  and  which  new  technologies  could 
potentially  help  them  do  more  with  less.  One 
such  individual  found  increasing  an  invest¬ 
ment  in  HP  network  management  software 
would  let  him  eliminate  the  need  for  six 
other  tools,  spend  less  money  and  guarantee 
better  performance  for  network  users.  Scott 
Steves,  systems  network  software  consultant 
in  the  Network  Analysis  Group  for  the  state  of 
Kansas  in  Topeka,  is  a  long-time  Network 
Node  Manager  (NNM)  customer  —  since 
Version  4.11  —  and  recently  reinvested  in 
newer  versions  of  HP's  cornerstone  manage 
ment  software  application.  Steves  says 
upgrades  to  HP's  flagship  management  appli¬ 
cation  drove  him  to  consider  further  invest¬ 
ment.  HP  in  late  2007  overhauled  NNM  and 
more  recently  introduced  a  performance 
management  add-on  to  help  customers  man¬ 
age  both  fault  and  performance  with  one 
console.  "It  allows  us  to  have  that  single  pane 
of  glass  for  fault  and  performance  manage¬ 
ment,  and  the  products  are  ITIL-compliant, 
which  is  important  to  us,"  he  says.  Steves  was 
able  to  work  with  the  beta  team  of  HP  engi¬ 
neers  assigned  to  the  updated  NNM  and 


NNMi  SP1  products,  and  reports  that  manag¬ 
ing  more  than  30,000  interfaces  typically 
required  multiple  tools,  but  not  anymore. 

www.nwdocfinder.com/8432 

SMB:  Why  are  so  many  technical  advances  a 
constant  balance  between  useful  and  frustrat¬ 
ing?  I  nominate  e-mail  as  one  of  the  most 
helpful  yet  aggravating  advances  when  you 
judge  easy  communications  against  spam 
and  mail-borne  viruses.  Make  another  resolu¬ 
tion  to  improve  your  e-mail  situation  this  year. 
One  way  to  improve  e-mail,  as  I  wrote  in 
October,  is  to  Get  More  Work  Done  with  Less 
E-Mail.  But  since  you  can't  get  away  from  e- 
mail  completely  you  need  to  get  a  better  han¬ 
dle  on  spam,  e-mail  security,  e-mail  archiving 
and  encryption  for  certain  communications. 
Luckily,  hundreds  of  vendors  offer  you  such 
services,  including  one  you  probably  didn't 
know  about:  Google. Well,  not  so  much 
Google  itself  as  Postini,  bought  by  Google 
over  a  year  ago.  Postini  was  a  small  player  in 
the  big  market,  and  now  it’s  part  of  a  huge 
player  trying  to  break  into  that  market.  When 
it  called  to  tell  me  its  plans,  it  said  the  right 
things,  but  it  has  to  gain  some  market  share 
to  make  me  believe  it. 
www.nwdocfinder.com/8434 
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The  inefficiency,  complexity  and  rising  energy  costs  of  twentieth-century 
datacenters  simply  can’t  support  the  demands  of  twenty-first-century 
business.  IBM’s  New  Enterprise  Data  Center  is  a  vision  for  IT  that’s  highly 
efficient,  business  driven  and  greener-by-design.  IBM  is  already  working 
with  over  2,000  clients  to  help  make  this  vision  a  reality.  A  greener  world 
starts  with  greener  business.  Greener  business  starts  with  IBM. 
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Layoffs:  Microsoft  bent, 
but  not  broken 

Microsoft  is  undertaking  an  historic  resetting  of  its  business  as  it  prepares  to 
weather  a  downturn  CEO  Steve  Ballmer  predicts  won’t  come  with  a  quick 
rebound. The  company  last  week  cut  1,400  employees  and  said  the  num¬ 
ber  of  layoffs  could  go  as  high  as  5,000  over  the  next  18  months.  Microsoft  also  is 
freezing  pay  raises  for  the  next  fiscal  year.  But  make  no  mistake,  the  company  with 
more  than  $23  billion  in  cash  is  resetting  and  not  reeling.  In  fact,  Microsoft  in  the 
second  quarter  grew  2%  over  the  same  quarter  last  year.  “They  are  not  on  the 
ropes,”  says  independent  consultant  Dwight  Davis.“Microsoft  is  a  very  diversified 
company  in  terms  of  geography  and  products  and  markets,  including  consumer, 
small  and  medium  sized  businesses,  and  the  enterprise. This  is  a  worldwide  eco¬ 
nomic  problem  and  Microsoft  is  exposed  on  about  every  front.” 
www.nwdocfinder.com/8453 


Obama  plan  says  cyber  infrastructure 
is  ‘strategic’.  The  Obama  administration 
has  published  a  high-level  plan  to  protect  U.S. 
computer  networks,  saying  it  considers  cyber 
infrastructure*^  strategic  asset” and  will 
appoint  a  cyber  adviser  who  will  report  direct¬ 
ly  to  the  president. The  six-point  outline  was 
published  as  part  of  a  paper  detailing  the  new 
administration’s  position  on  homeland  securi¬ 
ty  Also  planned  is  a  “safe  computing  R&D 
effort”  to  build  the  next  generation  of  security 
features  into  computers,  and  plans  to  fight 
cyber-espionage  and  cybercrime  by  cracking 
down  on“untraceable  Internet  payment 
schemes.”The  administration  also  wants  to 
develop  standards  for  securing  data  and  mak¬ 
ing  companies  disclose  data  breaches,  some¬ 
thing  that  is  currently  governed  by  a  patch- 
work  of  state  laws. 
www.nwdocfinder.com/8454 

Sprint  offers  low-cost  enterprise  wire¬ 
less  plans.  Sprint  is  offering  businesses  low- 
cost  wireless  plans  through  its  Direct  Connect 
push-to-talk  service.The  company’s  Unlimited 
Workgroup  Communications  offer  includes 
unlimited  push-to-talk  services  and  text  mes¬ 
saging,  along  with  free  night  and  weekend 
minutes  for  $29.99  per  month. The  company 
also  is  offering  an  enterprise  voice  and  data 
plan  that  has  all  the  features  of  its  Workgroup 
Communications  plan  plus  unlimited  data 
and  GPS  use  for  $39.99  a  month  per  user. 
Additionally,  Sprint  says  enterprise  users  can 
add  pool  minutes  to  their  accounts  for  their 
workgroups  to  share  at  monthly  rates  of  $30 
for  500  minutes  or  $100  for  2,000  minutes. 
www.nwdocfinder.com/8455 

Rackable  puts  desktop  CPUs  in  low- 
cost  servers.  Rackable  Systems  has  turned 
to  low-cost  desktop  components  for  a  server 
design  that  aims  to  provide  a  less-expensive 
alternative  for  companies  running  busy  Web 
applications.The  design  uses  Athlon  and 


Phenom  desktop  CPUs  from  AMD  and 
allows  for  highly  dense  servers  that  can  be 
priced  at  less  than  $500  because  they  are 
based  on  commodity  PC  parts,  says  Saeed 
Atashie,  director  of  server  products  at 
Rackable. They  can  house  as  many  as  264 

compute  nodes 
per  cabinet  and 
draw  as  little  as 
72  watts  per 
node,  using  a 
new  server 
design  that 
Rackable  calls  MicroSlice.“I  like  what  they 
are  doing,”  says  Mark  Peters,  a  server  analyst 
with  Enterprise  Strategy  Group. “They’re  tak¬ 
ing  small,  standard  building  blocks  and  let¬ 
ting  you  create  them  into  the  type  of  system 
you  want.”The  biggest  challenge  for 
Rackable  will  be  convincing  companies  to 
try  a  new  server  architecture,  Peters  says. 
www.nwdocfinder.com/8456 

IT  pros  fear  job  cuts,  stagnant  pay  in 
2009.  Salaries  improved  for  IT  professionals 
in  2008,  but  many  worry  the  trend  won’t  con¬ 
tinue  into  2009.  According  to  a  survey  con¬ 
ducted  by  career  site  Dice,  technology  work¬ 
ers  in  2008  experienced  a  4.6%  increase  in 
average  pay  from  the  previous  year  to 
$78,035.The  survey  found  specific  skills  drew 
higher  than  average  pay  increases.  For 
instance,  security  analysts  experienced 
increases  of  8.4%  and  pay  for  software  engi¬ 
neers  grew  7%.Yet  worry  about  future  cuts 
overshadowed  news  of  previous  gains. 
According  to  Dice,  22%  of  those  surveyed 
expressed  concern  about  keeping  skills  up  to 
date  in  the  coming  months.  One-fifth  said 
they  fear  job  elimination,  14%  expect  lower 
salary  increases,  12%  anticipate  cancelled 
projects,  and  10%  aren’t  looking  forward  to 
increased  stress  due  to  added  workloads  in 
the  aftermath  of  staff  cuts. 
www.nwdocfinder.com/8457 


Researchers  tout  wireless  microgrip¬ 
pers.  In  the  not-too-distant  future,  your  sur¬ 
geon  may  be  someone  who  —  instead  of 
wielding  a  scalpel  —  injects  you  with  a  flock 
of  dust-size  wireless  devices  that  grab  and 
remove  infected  or  damaged  tissue  in 
response  to  chemical  signals.These  micro¬ 
grippers,  less  than  1 /254th  of  an  inch  in  diam¬ 
eter,  have  been  developed  by  researchers  at 
John  Hopkins  University  and  tested  in  biopsy¬ 
like  procedures  with  animal  tissue. The  crab¬ 
like  devices  are  moved  and  guided  by  exter¬ 
nal  magnets,  and  grab  or  release  in  response 
to  non-toxic  biochemicals  or  temperature 
changes.  By  contrast,  today’s  generation  of 
microgrippers  are  physically  controlled  via 
thin  wires  or  tubes.  David  Gracias,  assistant 
professor  at  John  Hopkins,  sees  the  devices 
as  the  first  generation  of  technologies  that 
could  eventually  result  in  autonomous  micro- 
and  nano-scale  surgical  tools  to  help  doctors 
diagnose  and  treat  a  range  of  illnesses  much 
less  invasively  than  is  now  possible. 
www.nwdocfinder.com/8458 

Riverbed  to  buy  Mazu  for  analysis 
tools.  Riverbed  will  acquire  Mazu  Networks 
to  add  application  performance  analysis  to  its 
offerings,  allowing  enterprises  and  carriers  to 
measure  the  benefits  of  WAN  optimization. 
Riverbed’s  Steelhead  WAN  optimization  appli¬ 
ances  are  designed  to  make  applications 
work  faster  over  long  distances.  Mazu  sells 
appliances  that  can  measure  and  report  on 
application  usage  and  performance.  Riverbed 
will  offer  those  appliances  as  products  on 
their  own  but  could  also  integrate  the  Mazu 
technology  into  its  own  products.That  would 
give  enterprises  a  tool  to  diagnose  the  need 
for  Riverbed’s  gear  and  then  quantify  its  ben¬ 
efits.  Riverbed  will  pay  $25  million  in  cash 
when  the  deal  closes,  plus  as  much  as  $22 
million  more  if  Mazu  meets  specific  sales  tar¬ 
gets.  www.nwdocfinder.com/8459 

FCC  questions  Comcast’s  VoIP  manage¬ 
ment  protocols.  Comcast  is  about  to  get 
another  network  neutrality-related  headache. 
The  FCC  has  issued  a  letter  to  Comcast  ques¬ 
tioning  whether  the  ISP  is  degrading  rival 
VoIP  traffic  in  favor  of  its  own  service. 
According  to  the  FCC,  Comcast  says  its  traffic 
management  policies  will  make  VoIP  calls 
sound  “choppy”  for  users  who  consume  70% 
of  their  provisioned  bandwidth  for  more  than 
15  minutes  at  peak  hours.  However,  the  FCC  is 
concerned  that  Comcast’s  Web  site  says  that 
its  own  VoIP  service  will  not  be  affected  by 
the  new  traffic  management  procedure,  as  its 
VoIP  service  is  a  “separate  facilities-based  IP 
phone  service.”This  apparent  discrepancy 
leaves  Comcast  open  to  charges  that  it  is  vio¬ 
lating  network  neutrality  principles  by  favor¬ 
ing  its  own  Internet  traffic  over  that  of  its 
competitors,  the  FCC  says. 
www.nwdocfinder.com/8460 
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How  to  cut  IT  costs  with  less  pain 


BY  DENISE  DUBIE 

With  no  fat  left  to  trim,  how  can  IT  man¬ 
agers  keep  cutting  costs  without  damaging 
core  services? 

Many  industry  professionals  say  implement¬ 
ing  processes  around  IT  cost-management  or 
deploying  chargeback  technologies  can  pro¬ 
vide  the  insight  that  IT  and  business  teams 
need  to  better  understand  how  to  spend  what’s 
left  of  budgets.These  systems  can  help  identify 
the  services  IT  offers,  how  much  those  services 
cost  to  deliver,  which  services  are  most  in 
demand  by  the  business,  and  how  to  reduce 
expenses  intelligently  without  hampering 
innovation. 

“Cost  cutting  is  not  over  yet  for  2009;  75%  of 
companies  right  now  are  thinking  about  it,  so 
cost  management  should  be  on  many  CIOs’ 
minds,”  says  Barbara  Gomolski,  managing  vice 
president  at  research  firm  Gartner. 

Cost  management  isn’t  solely  about  cutting 
expenses.  It  encompasses  a  set  of  processes 
designed  to  identify  services  and  curb  spend¬ 
ing  on  unnecessary  or  less-critical  resources. 
Best-practice  frameworks,  such  as  ITIL,  have 
guidelines  for  cost  management,  as  well  as  for 
IT  chargeback,  another  discipline  that  involves 
IT  departments  pricing  each  service  and 
billing  departments  for  the  services  they  con¬ 
sume.  With  such  cost  transparency,  IT  can  prove 
its  value  to  the  business,  and  show  those  it 
serves  the  ultimate  cost  to  the  business  of  their 
application  or  service  demands. 

“Chargeback  could  be  considered  a  kind  of 
behavior-modification  tool.  We  wanted  people 
to  know  what  the  price  of  services  were, 
because  if  they  knew  how  much  it  could  cost 
their  department,  they  would  be  more  cautious 
about  requesting  less  critical  services,”  says 
Jake  Seitz,  enterprise  architect  at  The  First 
American  Corp.  in  Santa  Ana,  Calif. 

Clarify  IT  costs 

IT  departments  struggling  with  fewer 
resources  might  not  be  in  a  position  to  imple¬ 
ment  a  full  chargeback  system,  but  many  can 
begin  tracking  costs  and  developing  a  service 
catalog,  industry  watchers  say 

By  putting  existing  asset-  and  performance 
management  tools  to  work  —  and  perhaps 
importing  data  into  a  spreadsheet  or  other 
document  —  IT  managers  can  begin  to  see 
which  departments  or  end  users  require  which 
services,  and  start  to  calculate  the  IT  resources 
required  to  deliver  those  services. 

“An  intermediate  steppingstone  is  reporting. 
That  means  providing  periodic  reports  to  their 
end  users  showing  resource  consumption  and 
using  this  as  a  means  to  have  discussions  to 
address  excesses,"  says  Cameron  Haight, 
research  vice  president  at  Gartner. 

Finance  teams  also  should  be  brought  into 
cost-management  discussions  to  better  illus- 
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Follow  the  money 

A  survey  of  100  non-IT  professionals 
revealed  that  about  75%  wanted  more 
information  about  how  IT  dollars  were 
spent,  and  that  33%  felt  IT  investments 
were  not  maximized.  More  than  40%  said 
IT  doesn’t  reveal  its  technology  plans  to 
the  lines  of  business  it  serves. 

How  is  your  line  of  business  charged 
for  IT  expenditures? 


Other  5% 
Per  seat 


application 


Not  directly 
charged 


SOURCE:  APPTIO 
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trate  for  end  users  how  their  demands  directly 
affect  the  company’s  bottom  line. 

“Measuring  costs  helps  us  manage  expendi¬ 
tures  and  gives  us  a  baseline  to  compare  alter¬ 
native  service-delivery  options,  including  out¬ 
sourcing,”  says  James  Kritcher,  vice  president 
of  IT  at  White  Electronic  Designs  in  Phoenix. 
“With  current  economic  conditions,  senior 
management  may  suspect  that  the  IT  spend  is 
not  in  line  with  the  perceived  value. The  chal¬ 
lenge  for  IT  is  to  demonstrate  the  value  lost  if 
the  IT  budget  is  cut.” 

Depending  on  the  IT  department,  the  level  of 
detail  needed  is  discretionary,  analysts  say  that 
Many  IT  groups  make  the  mistake  of  assuming 
cost  management  and/or  chargeback  are  pro¬ 
jects  too  large  to  undertake,  when  in  reality 
they  don’t  have  to  be  intricate  or  sophisticated 
undertakings,  Gartner’s  Gomolski  says. 

IT  departments  should  work  with  business 
leaders  to  determine  which  details  are  perti¬ 
nent.  The  information  is  readily  available 
today,  but  what  still  needs  to  happen  is  orga¬ 
nized  collection  and  rationalization  of  the 
data  within  each  company.’The  most  popular 
cost-management  or  chargeback  tool  is  often 
Microsoft  Excel,  and  that  is  OK.  It’s  a  start,” 
Gomolski  says.  “And  for  many,  beginning  a 
chargeback  project  doesn’t  immediately 
result  in  charging  for  IT  services.  It’s  about 
controlling  demand.” 

Doing  nothing  shouldn’t  be  an  option.  “IT 


departments  can’t  afford  not  to  explore 
chargeback  in  this  economy  Gomolski  says. 
“They  cannot  continue  to  operate  in  an  envi¬ 
ronment  where  people  can  basically  get  as 
much  IT  as  they  want,  when  they  want,  and 
expect  to  succeed.” 

Curb  noncritical  spending 

For  many  in  IT,  responding  to  end-user 
requests  for  applications  and  services  seems 
like  the  right  thing  to  do,  but  with  budgets 
shrinking  IT  will  be  called  on  to  pick  and 
choose  which  requests  best  serve  the  business. 

For  instance,  several  IT  managers  are  seeing 
an  increase  in  demand  for  virtual  server 
resources,  the  thinking  being  that  virtual 
machines  are  easy  to  provision  and  don’t 
require  an  investment  in  hardware.  That  does¬ 
n’t  necessarily  mean  they  can  be  rolled  out  at 
no  cost  to  IT,  however. 

“There  is  constant  financial  pressure  from 
every  direction;  gone  are  the  days  that  IT  can 
be  a  bottomless  pit  of  resources  to  other 
departments,”  says  Rick  Vanover,  systems 
administrator  at  Safelite  Auto  Glass  in 
Columbus,  Ohio.  “Finance  knowledge  is  an 
important  part  of  being  an  administrator,  and 
chargeback  tools  will  help  admins  get  a  grip 
on  what  resource  are  being  used  or  not  used.” 

Vanover  uses  VKernel’s  Chargeback  Virtual 
Appliance  to  manage  resources  and  prevent 
over-  or  underprovisioning  in  his  virtual  envi¬ 
ronment.  The  product  works  exclusively  with 
virtual  resources.  His  department  doesn’t 
exchange  money  internally  with  other  groups, 
but  the  product  helps  him  establish  a  standard 
for  cost  allocation  that  quantifies  resources 
and  educates  end  users,  he  says.  “You  can  put 
price  tags  on  disk,  CPU  and  memory  for  such 
resources,  and  the  value  of  the  information  is 
clear.  You  get  a  good  grasp  of  what  is  being 
used  in  the  virtual  footprint,”  he  adds. 

Others  say  understanding  costs  and  provid¬ 
ing  a  clear  picture  of  IT’s  expenses  to  the  busi¬ 
ness  presents  both  benefits  and  challenges  for 
IT  leaders.  One  benefit  of  tracking  expenses  is 
that  IT  could  find  areas  in  which  it  is  spending 
too  much  needlessly  Then, cutting  costs  would¬ 
n’t  equal  cutting  resources. 

“What  IT  needs  to  do  is  optimize  its  costs. 
They  could  find  areas  in  which  they  can  lessen 
spend  while  increasing  services,”  says  Donna 
Scott,  vice  president  and  distinguished  analyst 
at  Gartner.  “But  without  an  intelligent  and 
orderly  inventory,  IT  can  do  nothing  but  cut 
blindly, and  when  doing  that,  they  might  cut  the 
innovation  and  ultimately  the  company’s  com¬ 
petitive  advantage.” 

On  the  other  hand,  IT  will  also  be  held  more 
accountable  for  its  decisions. 

“Knowing  these  costs  encourages  responsi¬ 
ble  use  of  service-desk  resources  —  particu- 

See  Costs,  page  40 
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Vegas  data  center 
bets  on  100%  uptime 

BY  JON  BRODKIN 

A  few  miles  from  the  glitzy  casinos  of  the  Las  Vegas  strip  stands  a 
highly  secure,  407,000-square-foot  building  that  —  according  to  the 
man  who  operates  it  —  is  the  most  energy  efficient,  high-density  data 
center  in  the  world. 

Rob  Roy  the  CEO,  founder  and  chairman  of  Switch  Communications 
Group,  is  walking  the  halls  of  his  seventh  and  most  impressive  data  cen¬ 
ter,  the  SuperNAPfrom  which  he  provides  co-location  services  to  some 
of  the  world’s  biggest  organizations.  At  3  p.m.,  one  hour  into  giving  a 
tour,  it’s  clear  that  Roy  is  not  a  man  who  easily  runs  out  of  energy 

“Do  we  have  a  time  limit?”  he  asks.This  is  my  last  thing  of  the  day, so 
I’ll  just  talk  till  midnight.” 

The  tour  ends  by  4  p.m.,  eight  hours  early,  but  Roy  has  plenty  of  time 
to  explain  why  the  SuperNAP  is  a  safe  bet  for  organizations  with  the 
strictest  uptime  and  security  requirements.  What  makes  the  SuperNAP 
so  interesting?  Here  are  some  of  the  highlights: 

Guaranteed  100%  uptime 

Five  nines  of  availability  doesn’t  impress  Roy.“We  give  100%  service- 
level  agreements,  guaranteed,”  he  says. “Obviously  that’s  a  big  mone¬ 
tary  risk  if  1  didn’t  feel  this  design  was  ready  for  that.  Our  NAP  4  facil¬ 
ity,  which  is  our  next  biggest  site  [and  also  in  Las  Vegas],  for  three 
years  has  had  100%  uptime.” 

The  SuperNAP  (network  access  point)  operates  its  own  250  mega¬ 
volts  ampere  (MVA)  substation,  146  MVA  of  generator  capacity  and  84 
MVA  of  UPS  (uninterruptable  power  supply),  topped  off  with  30,000 
tons  of  redundant  cooling. 

“Our  network  for  six  years  has  never  had  an  outage,”  Roy  says.  “Every 
single  part  of  it  fails.  In  any  given  month,  something  fails.  Blades  fail, 
Cisco  routers  fail, carriers  fail, Sprint  fails, Verizon  fails, AT&T  fails. But  we 
build  this  stuff  in  such  a  redundant  manner. The  chance  of  something 
happening  with  us  where  you  have  an  outage  is  really  less  than  any¬ 
where  from  a  design  standpoint.” 

Militant  security 

Switch  began  life  in  2000  as  a  government  contractor  and  has  built 
seven  data  centers  meeting  the  high  levels  of  security  demanded  by 
government  and  military  clients.  Military-trained  security  staff  protects 
the  SuperNAI?  with  at  least  three  guards  on  site  at  any  given  moment. 

“By  the  time  you  got  into  this  building,  you  went  through  our  $2  mil¬ 
lion  blast  wall,  live  armed  security  and  six  or  seven  layers,”  Roy  says.“You 
went  through  biometrics.”  Although  customer  equipment  is  locked 
inside  cages,  Roy  says  the  cages  are  superfluous.”!  really  believe  at  this 
site  we  would  never  have  to  put  a  cage  on  anything  because  by  the 
time  you’re  here  you’ve  been  so  researched.” 


Focus  on  power  and  cooling 

How  to  power  a  data  center  efficiently  is 
top  of  mind  for  most  people  in  the  industry 

See  SuperNAP,  page  40 


ONLINE:  The  Terminator 


Read  more  online  about  Rob  Roy's 
background  and  why  he  has  a  life- 
sized  Terminator  statue  in  his  office. 


www.nwdocfinder.com/8452 
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THE  NEW  BROCADE  HBA  IS  A  SMARTER  WAY  TO  CONNECT  SERVERS  TO  STORAGE. 

A  single  server-to-storage  infrastructure  lets  you  go  farther  while  nevertpfing  you  down 
a  dead-end  road.  Brocade  NBAs  streamline  data  center  operations,  helping  you  unify 


BROCADE 


IT  drives  your  business.  So  naturally,  it  consumes  your  thoughts.  Customers,  on  the  other  hand,  shouldn't  need  to 
think  about  it  at  all.  They  just  expect  great  service.  Our  approach  to  Business  Service  Management  helps  ensure  they 
get  it,  by  managing  IT  services  based  on  their  impact  to  your  business.  That  way,  with  your  service  commitments 
fully  in  sync  with  your  business  demands,  you'll  be  able  to  give  your  customers  that  most  coveted  and  elusive  of  all 
service  experiences:  complete  satisfaction.  Of  course,  we'll  know  the  source  of  that  satisfaction  is  really  your  very 
own  IT  department.  Learn  more  and  get  the  latest  white  paper  at  ca.com/bsm. 
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Virtual  desktops  getting  security  boost 


Citrix,  Intel,  Integrity 
Global  Security  tout 
security,  performance 
and  manageability 

BY  TIM  GREENE 

Businesses  looking  for  safer  virtual  desk¬ 
tops  can  cut  the  risk  of  attacks  if  they  run 
their  virtual-machine  hypervisors  directly  on 
computer  hardware,  eliminating  reliance  on 
separate  operating  systems  that  can  be  vul¬ 
nerable  to  attack. 

Most  recently  Citrix  Systems  is  teaming  up 
with  Intel  to  optimize  its  XenDesktop  software 
for  desktops  and  laptops  based 
on  Intel  Core2  and  Centrino  2 
processors,  with  the  product 
scheduled  to  be  available  in 
the  second  half  of  this  year. 

Beyond  the  security  implica¬ 
tions,  client  hypervisors  offer 
the  additional  management 
benefits  of  centralizing  con¬ 
tent,  enforcing  access  control 
to  desktop  images,  updating 
and  patching  desktops  and 
supporting  multiple  virtual 
machines  on  a  single  device 
while  keeping  them  isolated 
from  each  other. 

The  Citrix  offering  will  run 
directly  on  the  client  desktop 
or  laptop  as  opposed  to  run¬ 
ning  on  top  of  a  separate  oper¬ 
ating  system  that  is  running  on 
the  hardware. 

The  Citrix  client  hypervisor  is 
scheduled  to  be  available 
about  the  time  that  VMware 
releases  its  client  hypervisor,  but 
the  difference  is  that  VMware’s 
runs  on  top  of  the  host 
machine’s  operating  system, 
says  Mark  Bowker,  an  analyst 
with  Enterprise  Strategy  Group. 

In  addition  to  teaming  with  Intel,  Citrix  is 
working  with  Dell  with  the  goals  of  certifying 
that  the  hardware  and  software  work  together 
and  of  delivering  the  hypervisors  on  Dell  desk¬ 
tops  and  notebooks  that  are  powered  by  Intel 
vPro  chips,  says  Juan  Vega,  a  Dell  senior  prod¬ 
uct  marketing  strategist. 

Dell  hasn’t  decided  yet  whether  the  hypervi¬ 
sor  will  ship  standard  with  the  devices  or  be 
sold  separately, Vega  says. 

Management  benefits  of  having  a  hypervi¬ 
sor  running  on  client  machines  include 
keeping  desktop  images  centrally  stored  and 
encapsulated  as  virtual  machines.  As  such, 
their  security  settings  can  be  altered  — 
patches  applied, security  settings  updated  — 


Faster,  more  secure  virtual  desktops 

Running  a  virtual  desktop  hypervisor  directly  on  hardware  rather  than  the  operating 
system  boosts  security  and  delivers  more  processing  power  to  applications. 


•  With  the  host  operating  system  dropped  from  the  equation, 
OS  vulnerabilities  are  no  longer  a  security  worry. 

Applications 

•  Application  response  time  improves  because  full  virtual 
machines  run  on  the  host  —  not  images  of  virtual  desktops 

Hypervisor 

running  on  a  remote  server. 

•  Full  encryption  allows  for  working  on  virtual  machines  when 
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once  on  a  server,  then  deployed  or  synched 
to  remote  machines. 

The  virtual  desktop  model  employing  a 
hypervisor  differs  from  the  model  where  the 
laptop  or  desktop  has  a  thin  client  that 
receives  images  of  the  desktop  from  a  server 
shared  by  other  virtual  desktops.  Because 
machines  with  their  own  client  hypervisors 
have  dedicated  computing  power,  they  can 
deliver  better  application  performance  and 
graphics,  Citrix  says. 

Citrix  says  its  client  hypervisor  will  support 
multiple  isolated  virtual  desktops  per 
machine,  making  it  possible  to  deploy  a  cor¬ 
porate  virtual  machine  on  a  device  that  has  a 
virtual  machine  containing  personal  data  and 


applications  without  the  risk  of 
one  corrupting  the  other. 

Because  these  virtual  ma¬ 
chines  are  encapsulated,  they 
can  be  readily  encrypted,  Bow¬ 
ker  says,  making  them  more 
secure  if  the  machines  being 
used  are  mobile  or  not  man¬ 
aged  by  the  corporation. 

The  security  boost  that 
comes  from  removing  the 
operating  system  from  be¬ 
tween  the  hardware  and  the 
hypervisor  doesn’t  necessarily 
eliminate  attacks,  according  to 
a  competitor  of  Citrix. 

In  the  absence  of  an  oper¬ 
ating  system  to  attack,  mali¬ 
cious  parties  can  attack  the 
hypervisor  itself,  says  Dave 
Kleidemacher,  CTO  of  Integ¬ 
rity  Global  Security,  which 
sells  the  only  client  hypervi¬ 
sor  with  the  highest  U.S.  gov¬ 
ernment  security  rating, 
known  as  EAL  6+. 

The  highest  rating  possible 
for  hypervisors  not  designed 
specifically  with  EAL6+  crite¬ 
ria  in  mind  is  EAL  4,  Kleide¬ 
macher  says.  “The  bar  is  so  much  lower,”  he 
says.  The  higher  rating  is  awarded  to  soft¬ 
ware  that  can  withstand  persistent  attacks 
from  knowledgeable,  well-funded  adver¬ 
saries,  he  adds. 

But  in  the  real  world,  there  have  been  no  suc¬ 
cessful  hypervisor  exploits,  although  researcher 
Joanna  Rutkowska  described  last  year  at  the 
Black  Hat  security  conference  ways  to  subvert 
the  Xen  server  hypervisor  with  rootkits. 

“It’s  more  theoretical,”  says  Natalie  Lambert, 
an  analyst  with  Forrester  Research  who  says 
she  has  not  heard  from  clients  about  their 
hypervisors  being  exploited.“Security  folks  use 
it  as  a  stop  mechanism  to  not  let  virtualization 
projects  move  forward.”® 
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■  An  inside  look  at  technologies  and  standards 


Customizing  the  operating  system 


BY  MATTHEW  RICHARDS 

ass  customization  —  the  process  of  customizing  a  product  to 
meet  individual  needs  while  leveraging  mass  production  effi¬ 
ciency  —  is  commonplace  in  manufacturing  everything  from 
cars  to  laptops. Yet  the  operating  system  has  remained  monolithic,  even 
while  there  has  been  an  explosion  in  hardware  platforms,  mobile 
devices  and  applications. 


To  date,  the  ability  to  customize,  test  and 
deploy  a  tailored  operating  system  for  a  spe¬ 
cific  use  or  device  has  been  slow,  expensive 
and  complicated.  Furthermore,  you  customize 
at  your  own  risk  because  the  process  often 
results  in  the  loss  of  vendor  support. 

Fortunately  this  is  changing.  IT  departments 
are  starting  to  tailor  operating  systems  to 
gain  agility,  drive  down  support  costs  and 
enhance  security.  This  is  particularly  true  in 
the  Linux  environment  where  new  tools  are 
making  the  promise  of  a  tailored,  fully  sup¬ 
ported  Linux  a  reality. 

Historically,  major  operating  system  distribu¬ 
tions  have  been  notorious  for  their  bulk  and 
complexity.  The  time,  effort  and  resources 
required  to  install,  maintain  and  upgrade  a 
complete  operating  system  are  substantial. 
Operating  systems  are  designed  to  support 
every  possible  software  function,  yet  most 
applications  require  only  a  fraction  of  the 
capabilities.  The  extra,  unused  assets  become 
a  liability  from  a  security  and  management 
perspective. 

A  better  approach  is  to  create  an  environ¬ 
ment  using  only  the  operating  system 
resources  needed  for  a  particular  application 
set.  This  is  known  as  JeOS  Gust  enough  oper¬ 
ating  system).  The  question  is:  How  do  you 
move  to  a  JeOS  environment? 

Customizing  Linux 

Ironically,  although  Linux  is  modular  and 
designed  to  be  customized,  relatively  few  orga¬ 
nizations  take  advantage  of  this  because  of  the 
support  issue. 

Linux  vendors  are  addressing  that  by  improv¬ 
ing  the  granularity  of  their  packages  to  enable 
buyers  to  take  existing  Linux  building  blocks 
and  apply  them  in  different  combinations 


Got  great  ideas? 

W  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you’ve 
got  one,  and  want  to  contribute  it  to  a 
future  issue,  contact  Editor  in  Chief 

John  Dix  (jciix@nww.com) 


based  on  each  user’s  needs.  Linux’s  modular 
architecture  is  ideal  for  creating  JeOS  because 
it  can  be  easily  stripped  down  and  modified. 

Mass  customization  leverages  the  cost 
benefits  and  efficiencies  of  mass  produc¬ 
tion,  and  couples  that  with  the  ability  to  tai¬ 
lor  an  operating  system  for  different  use 
cases.  And  because  this  tailoring  is  achieved 
through  the  arrangement  of  standard  Linux 
components,  it  is  fully  supported. 

In  the  future,  virtually  all 
computers  will  be  tailored  to 
meet  an  individual’s  unique 
profile,  from  the  operating 
system  on  up. 

And  there  are  many  other  benefits: 

•  Simplified  deployment.  Tailoring  the 
operating  system  for  a  specific  need  results 
in  a  slimmed-down  product  that  is  easier  to 
deploy.  In  the  JeOS  model,  the  time  needed 
for  testing  and  deployment  can  shrink  from 
weeks  to  minutes.  A  preconfigured,  self- 
contained  package  with  no  external  depen¬ 
dencies  is  easy  to  transfer  through  testing 
into  the  production  environment,  and  is 
highly  portable  between  virtual  environ¬ 
ments,  making  it  beneficial  for  disaster 
recovery  and  other  scenarios. 

•  Reduced  maintenance  costs.  Reducing 
the  Linux  load  to  only  the  functions  needed 
for  a  given  use  also  vastly  simplifies  software 
management  and  maintenance.  These  com¬ 
pact,  finely  tuned  JeOS  environments  enable 
applications  to  run  more  efficiently,  with  all 
components  tested  and  optimized  to  run 
together.  This  is  similar  to  how  consumer 
equipment  such  as  DVRs  work. They  are  pur¬ 
pose-built  with  only  the  operating  system  and 
application  needed  to  perform  a  specific  set 
of  functions.  Because  the  devices  run  on  a 
trimmed-down  operating  system,  they  are  eas¬ 
ier  to  set  up,  operate  and  maintain. 

•  Strengthened  security  Mass  customization 
of  Linux  also  is  an  important  factor  for  busi¬ 
nesses  needing  to  comply  with  regulations 


that  require  controlling  access  to  sensitive 
data.  By  deploying  an  environment  tailored  to 
include  only  the  applications,  components 
and  associated  data  needed  by  each  user, 
organizations  can  build  a  foundation  that 
helps  prevent  access  by  unauthorized  users. 
Moreover,  because  JeOS  contains  fewer  com¬ 
ponents,  there  are  fewer  attack  vectors  for 
hackers  to  exploit. 

•  Greater  agility  Mass  customization  helps  IT 
become  more  agile  by  reducing  the  time 
required  to  deploy  new  servers  and  respond 
to  changing  business  needs.  New  use  cases 
can  be  precisely  configured  and  deployed  to 
address  market  shifts.  Additionally  these  highly 
portable  environments  can  be  scaled  up  or 
down  to  rapidly  respond  to  resource  peaks 
and  valleys. 

In  the  future,  virtually  all  computers  will  be 
tailored  to  meet  an  individual’s  unique  pro¬ 
file,  from  the  operating  system  on  up. The  use 
of  mass  customized  operating  environments 
will  proliferate  as  organizations  realize  the 
considerable  financial,  security  and  mainte¬ 
nance  benefits. 

Virtual  appliances  are  one  example  of  a 
mass  customization  success  story,  with  IDC 
predicting  the  worldwide  market  for  software 
and  virtual  appliances  will  reach  $1.1  billion 
by  2012  worldwide.  As  demand  for  mass  cus¬ 
tomization  of  Linux  increases,  we’ll  see  busi¬ 
nesses  explore  new  use  cases,  from  USB  stick- 
based  computers  to  cloud  computing. 

Customization  tools 

All  that’s  needed  are  tools  to  make  mass  cus¬ 
tomization  a  reality  We  didn’t  achieve  mass 
customization  of  cars  until  Ford  thought  up 
the  assembly  line.  We  need  the  equivalent  of 
the  assembly  line  in  the  operating  system 
world:  tools  that  provide  rapid,  fully  supported 
mass  market  efficiency,  reliability  and  consis¬ 
tency,  while  allowing  for  individuality 

Mass  customization  will  become  the  de 
facto  standard  for  those  looking  to  create  a 
fully  supported,  tailored  operating  system 
experience.  Ultimately,  this  is  the  best  path 
toward  a  more  efficient,  higher-performing 
operating  system  environment.  This  transfor¬ 
mation  will  open  up  possibilities  that  were 
previously  unheard  of  in  the  enterprise  and 
beyond. 

Richards  is  senior  program  manager  of 
Novell's  SUSE  Appliance  Program. 


This  vendor-written  tech  primer  has  been 
edited  by  Network  World  to  eliminate  prod¬ 
uct  promotion,  but  readers  should  note  it 
will  likely  favor  the  submitter's  approach. 
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Nortel  Secure  Network  Access  boasts  feature-rich  NAC 

Enterprise-class  security  product  bundles  bevy  of  features,  flexibility,  scalability  and  broad  platform  support 

into  one  package 

Symantec  Endpoint  Protection  speeds  past  rival  products 

Symantec  software  consistently  delivered  faster  response  times  over  Kaspersky,  McAfee  and 
Trend  Micro  products 

Open  Text  outperforms  rivals  in  secure  shell  server  tests 

Company’s  Connectivity  Secure  Server  demonstrates  better  scalability  and  performance  than 
Attachmate  and  SSH  Communications  offerings 

Attachmate  terminal  emulator  trumps  trio  of  rivals 

Attachmate  Reflection  for  IBM  2008  delivers  richer  productivity  features  and  better  integration  with 
Microsoft  products 

Passlogy  delivers  solid  password  security  with  a  twist 

Vendor's  system  uses  "one-time"  passwords  to  resist  brute-force  and  account  lock  attacks 

WebSense  security  gateway  trumps  rivals  with  performance  and  features 

Web  Security  Gateway  leads  way  with  Web  2.0  threat  detection,  fully  integrated 

Data  Loss  Prevention 

HP  hardware-accelerated  iSCSI  improves  performance/ 
efficiency  of  ProLiant  hardware 

Outperforms  software-based  iSCSI  by  reducing  CPU  utilization  by  up  to  8X 


Tolly  hands-on  examination  reveals  Nortel 
Secure  Network  Access  delivers  a  feature-rich 
robust,  flexible,  enterprise-class  NAC  solution 


•  Delivers  deployment  flexibility  by  supporting  multiple  NAC  enforcement  protocols  including  802. IX,  SNMP,  Nortel 
SSCP,  and  DHCP 

!  provides  investment  protection  by  supporting  a  broad  range  of  Ethernet  switches  including  Nortel,  Cisco,  and  HP 

•  Allows  users  to  benefit  from  joint  Nortel  SNA/Microsoft  NAP  integration  before  upgrading  to  Windows  Server  2008 

!/'  «f  .■.•Scales  to  more  than  23,000  concurrently,  conm  '.undated  devices  and  more  than  2,000  simulated  enforcement  points 

•  Supports  a  broad  range  of  endpoint  devices  including  Windows,  Linux,  Mac  PCs,  IP  phones,  and  printers 


Nortel  Secure  Network  Access  Solution 
Verified  Features/Functions 


Characteristics 


Microsoft  Network  Access  Protection  (NAP)  integration  on  both 
client  and  server  levels 

Authentication  support  for  all  user  types  including  guests,  contractors 
2S  via  Captive  Portal  and  Installed  Agent  options 

Support  for  enterprise-wide  endpoint  devices  including  Windows, 
Linux,  Mac  PCs,  IP  phones  and  printers 

Rich  health  assessment 
security  policies) 

Post  admission  control  (Network  behavior  anomaly  detection)  via 
integration  with  IDS/IPS 

Resiliency  (User  sessions  are  maintained  even  during  an  outage 


Audited 


Document 
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Product  class:  Network  Access 
Control  Security 


es  that  devices  conform  to 


Nortel  commissioned  Tolly  to  evaluate  its 
Secure  Network  Access  (SNA)  Solution, 
which  controls  and  automates  network 
access  for  both  managed  and  unmanaged 
users  and  devices.  Tolly  engineers  verified 
features  and  measured  the  power  consump¬ 
tion  of  the  Nortel  Secure  Network  Access 
Switch  (SNAS)  running  software  2.0.1. 

Tolly  engineers  examined  two  models:  the 
Nortel  Secure  Network  Access  Switch 
(SNAS)  4050  and  4070.  Engineers  validat¬ 
ed  an  assortment  of  key  network  access 
control  features  and  functions,  as  well  as 
verified  scalability  capabilities  of  the  device 
and  energy  consumption. 


Tests  show  that  Nortel's  Secure  Network 
Access  Solution  delivers  enormous  flexibility 
—  in  terms  of  its  support  for  clients,  access 
methods,  enforcement  modes,  and  devices. 
Nortel's  SNA  platform  combines  a  degree  of 
flexibility,  along  with  robustness  of  features 
and  functions,  which  is  unique  among  NAC 
offerings  tested  by  Tolly.  SNAS  appliances 
can  scale  from  3,000  concurrently  connect¬ 
ed  devices  supported  by  a  single  device,  to 
almost  8X  that  number  with  multiple  appli¬ 
ances  clustered.  Compared  to  a  Cisco  NAC 
solution,  the  SNAS  used  63%  less  energy 
during  hands-on  tests. 

Tests  also  reveal  that  Nortel's  Secure  Network 
Access  Solution  delivers  a  rich  set  of  features 
to  provide  secure  network  access  to  Windows, 
Linux,  Mac  PCs  and  other  devices,  and 
supports  major  standards,  such  as  802.  IX, 
Trusted  Computing  Group  and  Microsoft  AR 


In  addition,  it  integrates  into  IP  Telephony 
environments,  provides  full  resiliency  and 
supports  both  Nortel  and  non-Nortel  Ethernet 
switching  infrastructures.  Integration  with 
Microsoft  NAP  serves  to  augment  the  NAP 
solution  by  extending  its  support  to 
non-Windows  and  non-interactive  devices, 
enhancing  the  granularity  of  health  scans, 
increasing  enforcement  mode  flexibility,  and 
allowing  customers  to  deploy  full-featured 
NAP  utilizing  the  Nortel  SNAS  without 
requiring  an  upgrade  to  Windows  Server  2008. 

In  effect,  Nortel  blends  a  compelling  mix  of 
robust  features,  flexible  policy  enforcement 
options,  broad  scalability,  efficient  power 
consumption  and  standards  support  to  deliver 
a  high-end  network  access  control  solution. 

For  more  info  on  this  test,  visit: 
http:// www.  tolly  com/DocDetail.  aspx? 

DocN umber = 208302 


Security  tests  prove  Symantec  Endpoint 

Protection  is  faster  than  rival  products 


Symantec  Endpoint  Protection  consistently 
delivered  faster  response  time  than  three 
competing  products  tested,  in  some  cases 
achieving  performance  that  was  twice  as 
fast  as  other  products  tested. 

Tolly  engineers  compared  the  performance  of 
host  PC  clients  running  Symantec  Endpoint 
Protection  11.0.3,  as  well  as  other  endpoint 

protection  products  from  Kaspersky  Lab,  Impact  of  Launching  Internet  Explorer  on  a  Windows  XP  PC 
McAfee  and  Trend  Micro,  Inc. 


Word  3 


Symantec  was  the  only  vendor  that  did  not  slow  opening 
files  and  PowerPoint  presentations,  while  McAfee  doubled  ti 
open  1,2MB  Word  document 


•  Symantec's  impact  on  launching  Internet  Explorer  was  less  than  10%  while 
Kaspersky,  McAfee,  Trend  Micro  slowed  systems  by  more  than  50% 


mm. 


Because  client  PCs  are  accessed 
continually,  the  impact  of  fast  response 
times,  such  as  those  delivered  by 
Symantec,  has  an  ongoing  beneficial 
effect  on  every  user  in  the  enterprise 
since  incoming  mail  and  files  are  scanned 
continuously  and  business  operations  are 
unimpeded. 

Moreover,  the  speedier  end-point  security 
delivered  by  Symantec  can  result  in 
reductions  in  the  number  of  security- 
related  incidents,  a  reduction  in  the 
number  of  audit  deficiencies,  a  reduction 
in  the  amount  of  human  error  related  to 
security  or  compliance  policies,  and  a 
possible  reduction  in  the  amount  of  calls 
to  a  help  desk. 
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£  Symantec  Endpoint  Protection  11.0  ®  Trend  Micro  OfficeScan  8.0 

0  McAfee  Total  Protection  for  Endpoint  Jf  Kaspersky  Lab  Work  Space  Security 


In  one  test  examining  the  affect  of  endpoint 
security  products  on  the  boot  time  of 
resident  host  PCs,  Symantec  Endpoint 
Protection  booted  twice  as  fast  as  a 
system  with  Trend  Micro  OfficeScan  and 
51%  faster  than  a  system  with  McAfee 
Total  Protection  for  Endpoint. 

Tests  also  showed  that  Symantec  Endpoint 
Protection  was  the  only  product  that  did 
not  slow  the  opening  of  Microsoft  Word 
documents  and  PowerPoint  presentations, 
while  the  McAfee  product  tested  doubled 
the  time  required  to  open  a  1.2MB  Word 
document. 


Finally,  Symantec  Endpoint  Protection 
was  the  fastest  of  the  four  products 
tested  to  launch  Internet  Explorer  and 
load  a  Web  site,  handing  the  task  up  to 
40%  faster  than  other  products  tested. 
Handling  IE  requests  with  fast  response 
times  means  that  users  can  be  more  pro¬ 
ductive  than  other  security  endpoint 
software  that  bogs  down  the  client. 


For  more  info  on  this  test,  visit: 

http://www.tolly.com/DocDetail.aspx? 

DocNumber=208349 


Sponsor:  Symantec  Corp. 


Document  number:  208349 


Product  class:  Web  security  gateway 


Products  under  test 

•  Symantec  Endpoint  Protection  It. 0.3 

•  Kaspersky  Lab  Work  Space 
Security  6.0.3.837 

•  McAfee  Total  Protection  for 
Endpont  8.7.0 

•  Trend  Micro  OfficeScan  8.0  Build  1004 


Testing  window:  October  2008 


For  more  info  on  this  solution,  visit: 
•  http://www.symantec.com 


Open  Text  Connectivity  Secure  Server 

performance  and  scalability  translates  into 

better  TCO  versus  rival  offerings 
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•  Delivers  the  highest  performance  and  maximum  scalability  of  the  three  secure  shell  server  products  tested 

.♦post's  up  to  1 2X  less  to  support  1,000  concurrent  SFTP  connections  than  rival  products  tested 

+  Completes  1,000  SFTP  file-transfer  sessions  from  four  PC  clients  on  a  single  server,  while  Attachmate  and  SSH 
Tectia  servers  failed  to  scale  properly 

•  Imposes  less- overhead  on  host  server  CPU  than  other  products  tested 

•  Uses  9X  less  server  CPU  memory  than  other  products  tested  to  complete  36MB  file  transfer  to  client 


A  recent  Tolly  hands-on  examination  of 
three  leading  secure  shell  server  products 
reveals  that  Open  Text's  Connectivity 
Secure  Server  software  consistently 
outperformed  two  other  rival  products  in 
terms  of  performance  and  session  scaling. 

Open  Text's  Connectivity  Secure  Server  was 
the  only  product  tested  to  scale,  successfully, 
to  1,024  sessions.  This  has  huge  cost-of- 
ownership  implications  for  enterprises  since 
the  Open  Text  solution  can  be  deployed  on 
just  a  single  server,  saving  on  hardware  costs, 
real  estate  space,  and  associated  deployment 
and  ongoing  support  costs. 

By  contrast,  solutions  from  Attachmate  Corp. 
and  SSH  Communications  Security  would 
require  16  and  three  servers  to  support  the 
same  session  count,  tests  show.  From  a  cost- 
of-ownership  standpoint,  this  shows  marked 
differences  between  the  products,  as  users 
would  spend  about  $5,600  to  support  1,000 
sessions  with  the  Open  Text  Connectivity 
Secure  Server  versus  over  $60,000  for  the 
Attachmate  Reflection  for  Secure  IT  Server 
product  and  almost  $  14,000  for  the  SSH  Tectia 
server. 


In  tests  moving  a  36MB  file  from  a  server  to  a 
requesting  client,  Connectivity  Secure  Server 
completed  the  task  10X  faster  than  the  Tectia 
server  and  24X  faster  than  Attachmate's 
Reflection  for  Secure  IT  Server.  In  single-session 
and  multi-session  tests,  Open  Text  Connectivity 
Secure  Server  routinely  outperformed  the  two 
other  products  tested. 


Single  SFTP  File  Transfer  Performance 
Transfer  of  36MB  Text  File  from  Server  to  Four  PC  Clients 
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Connectivity 
Secure  Server 

Tests  also  showed  that  the  Open  Text 
Connectivity  Secure  Server  efficiently 
handles  secure  shell  operations,  requiring 
about  43%  less  time  to  process  80  concur¬ 
rent  sessions  across  four  PCs  compared 
to  products  from  Attachmate  and  SSH 
Communications  Security.  Further,  tests 
show  that  the  Open  Text  secure  shell  server 
consumes  fewer  host  resources  than  other 
products  tested.  Finally,  tests  showed  that 
the  Open  Text  Connectivity  Secure  Shell 
Server  places  less  memory  demand  on  host 
server  CPUs  than  other  products  tested. 


For  more  info  on  this  test,  visit: 
http://www.  tol/y.  com/DocDetail.aspx? 
DocNumber = 209100 
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Reflection  for 
Secure  IT  Server 
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Products  under  test 

•  Open  Text  Connectivity 
Secure  Server  1.0 

•  Attachmate  Corp. 
Reflection  for  Secure  IT 

:iSi;$erver  6. 1.3.9 . 


Testing  window:  December  2008 


For  more  info  on  this  solution, 
•  http://www.ope/itexi 
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Tests  reveal  depth,  richness  of 

Attachmate  Reflection  for 

IBM  2008  terminal  emulator 
over  trio  of  products 


•  Increases  user  productivity  up  to  5X  over  competitors 
for  the  performance  test  scenarios  conducted 

■  . 

■ t d«r- user  -.productivity: feature  set,  with'  \ 
j  ,n  IBM  PCOM'.  Micro  Focus  .  ] 

x  ^S8BA,  add:'Opea:|^^s|lxpfcrrer  y] 

•  Demonstrates  superior  support  for  Microsoft 
Windows  Vista  features  such  as  User  Account 
Control  (UAC)  to  assist  with  desktop  administration 

m  efficiency-  and  security  via  tight 
|  ion  with  Microsoft  Windows  Vista  and 

"v  Microsoft  Office  2001 


Tolly  engineers  examined  four  leading 
mainframe  terminal  emulation  products 
and  found  that  Attachmate®  Reflection® 
for  IBM®  2008  was  able  to  provide  richer 
productivity  features  and  better  integra¬ 
tion  with  Microsoft®  Windows  Vista®  and 
Office  2007™  than  competitive  products 
tested. 

Attachmate  Reflection  for  IBM  2008 
delivered  superior  security,  user  produc¬ 
tivity,  and  Microsoft  Vista  integration 
compared  to  IBM  Personal  Communi¬ 
cations,  Micro  Focus  RUMBA,  and  Open 
Text  HostExplorer  2008. 

Reflection  for  IBM  2008's  Auto  Complete 
feature  saved  engineers  time  since  only 
three  letters  from  a  previously  recognized 
Auto  Complete  word  had  to  be  typed  to 
complete  a  particular  field. 


Features 


User  Productivity 


Microsoft  Windows 
Vista  Integration 


p  i 

Auto  Complete,  Auto  Expand, 
Screen  History,  Scratch  Pad, 
Recent  Typing 


, 
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Microsoft  Office  2007 
Integration 


User  Account  Control  (UAC), 
Windows  Desktop  Search, 
Application's  Help  Integration 

E-mail  Message,  Word  Processing 
Document,  Appointment,  Note, 
Task,  Information  Privacy  Filters, 
Microsoft  Office  2007  "Ribbon" 
Menu  Toolbar 


Attachmate  Reflection  for  IBM  2008 
Feature  Verification 


With  regard  to  Windows  integration, 
Reflection  for  IBM  2008  embeds  the 
Windows  Vista  User  Account  Control 
(UAC)  security  shield,  which  can  be 
clicked  to  elevate  administrator  privileges 
after  providing  the  appropriate  creden¬ 
tials,  without  the  need  to  log  off.  This 
helps  administrators  easily  provision  user 
desktops. 


Reflection  for  IBM  2008  is  tightly  inte¬ 
grated  with  Office  2007  and  created  an 
E-mail  up  to  3.5  times  faster  than  IBM 
PC0M  for  the  specific  test  scenario. 
Reflection  for  IBM  2008  also  created  a 
Word  document  up  to  four  times  faster 
than  competitors  tested. 

A  Word  integration  feature  creates  a  new 
Word  document  with  the  on-screen  host 


application  data  inserted  in  the  docu¬ 
ment.  Out  of  the  four  products  tested, 
only  Reflection  for  IBM  2008  offered 
this  feature. 

Finally,  Reflection  for  IBM  2008  was  the 
only  product  tested  to  offer  these  six 
productivity  features  —  Auto  Complete, 
Auto  Expand,  Spell  Check,  Screen  History, 
Scratch  Pad  and  Recent  Typing. 


For  more  info  on  this  test,  visit: 
http://www.tolly.com/DocDetail.aspx? 


Sponsor:  Attachmate 


Product  class:  Mainframe  terminal  emulation  software 


Testing  window:  November  2008 
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"One-time"  passwords  at 

heart  of  Passlogy  authentication 
system  NAC  solution 


•  Resists  brute  force  and  account  lock  attacks  under  normal  operating  conditions 

•  Compatible  with  remote  access  sofiittQi^^ke  SSI  V  Pis 

•  Provides  a  convenient  and  flexible  one  time  password  authentication  using  cell 
phones,  portable  gaming  devices,  PDAs,  etc.  equipped  with  a  Web  browser 

•  Reduces  support  costs  and  administrative  burden  of  maintaining  dedicated 

•  hardware  tokens  ■ 


Mobile  phone 


Mobile  game,, 
console  h 


Laptop 


Tests  showed  that  the  PASSLQGIC  technology 
provided  the  means  to  successfully  guard 
against  password  compromising  attacks  using 
brute-force  techniques  or  random  account 
locking  attempts.  Engineers  noted  that  such 
attacks  are  highly  unlikely  to  succeed  unless  the 
attacker  possessed  very  intimate  knowledge  of 
the  working  of  the  PASSLOGIC  technology,  along 
with  other  conditions  like  a  compromised  user 
login  and  associated  user-specific  URL  required 
to  access  the  random  number  table  containing 
the  one-time  password. 

Tests  also  showed  that  the  PASSLOGIC 
system  can  be  integrated  into  remote  access 
scenarios  like  using  SSL  VPNs  to  connect  to  a 
remote  office  over  the  Internet. 

Engineers  also  verified  that  the  PASSLOGIC 
system  could  be  made  to  work  with  any 
devices  equipped  with  a  Web  browser  and 
connected  to  the  Internet  to  download 
the  random  number  table  containing  the 
one-time  password  for  the  user  for  that 
session.  This  is  particularly  useful  when  the 
user  is  mobile,  by  being  able  to  use  portable 
devices  like  PDAs,  smart  phones  (like  Apple 
iPhone),  portable  gaming  devices  (like  Sony 
PSP),  etc.  to  access  one-time  use  pass¬ 
word^)  for  any  compatible  services  using 
PASSLOGIC  technology  for  authentication. 

Tests  found  that  PASSLOGIC  technology  for 
token  less  authentication  provides  a  secure, 
flexible  and  easy-to-use  authentication  system 
that  can  augment  existing  authentication 
mechanisms. 


For  more  info  on  this  test,  visit: 
http://www.  tolly.  com/DocDetail.aspx? 
DocNumber= 208289 


Passlogy's  PASSLOGIC  token  less  one-time 
password  authentication  mechanism  provides 
users  with  a  URL  to  access  a  Web  page 
displaying  a  matrix  consisting  of  randomly 
generated  numbers  or  characters;  out  of  which 
users  extract  a  unique  one-time  password 
comprising  of  numbers  or  characters.  The 
password  is  extracted  by  selecting  the 
numbers  from  positions  in  the  matrix  that  form 
a  shape  of  the  user's  choosing.  The  authenti¬ 
cation  procedure  follows  a  challenge  and 
response  model. 


A  unique  password  authentication  system 
that  relies  upon  "one-time"  passwords  may 
be  the  strategic  key  enterprises  need  to 
better  secure  network  resources. 

Tolly  engineers  exercised  Passlogy  Co.  Ltd.'s 
PASSLOGIC,  a  token-less  password  authenti¬ 
cation  system  running  on  a  PatternPass  1000 
appliance  that  relies  on  usage  of  one-time 
passwords  to  resist  brute  force  and 
other  security  attacks. 


Passlogic  Token-Less  One-Time 
Password  Authentication  Process 


PatternPass  1000 


Authentication 
Data  Synchronization 
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Internet 


SSL-VPN 


Step  1:  Request  random  number  matrix 
Step  2:  Receive  random  number  matrix 

Step  3:  Client  password  input  from  the  random  number  matrix 
Step  4:  RADIUS  authentication  request 

Step  5:  Authentication  approval 
Step  6:  Access  approval  to  the  dieht 


•  Offers  the  widest  coverage  and  the 
greatest  accuracy  in  categorizing 
dynamic  content  on  Web  2.0  sites 


•  Provides  the  easiest  to  use  interface 
of  the  products  tested 


Websense  Web  Security 
Gateway  trumps  quartet  of 

rivals  wiiti  high  performance, 

rich  features 


Tolly  tests  reveal  that  a  Websense  Web 
Security  Gateway  surpasses  the  capabilities 
of  competing  products  by  meeting  or  exceeding 
industry  analyst  criteria  for  malware  protec¬ 
tion,  data  loss  prevention,  and  Web  2.0  throat 
detection  accuracy. 

Tolly's  "The  Web  Security  Challenge:  A 
Competitive  Guide  to  Selecting  Secure  Web 
Gateways"  (Document  #208326,  November 
2008)  verified  that  while  the  majority  of  prod¬ 
ucts  tested  excel  in  one  or  maybe  two  areas, 
only  the  Websense  Web  Security  Gateway 
delivered  uniformly  high-performance  and 
feature-rich  capabilities  across  all  nine 
functional  areas  that  engineers  examined. 

The  Websense  Web  Security  Gateway  was 
evaluated  against  products  from  Blue  Coat 
Systems,  Cisco  Systems  Inc.,  Trend  Micro, 
Inc.,  and  Secure  Computing  Corp. 


Web  2.0  URL  Filtering  Performance 


Websense  BlueCoat  Cisco  Secure  Trend  Micro 


Computing 

Note:  All  URLs  tested  were  sourced  from  Websense  ThreatSeeker  network, 
within  six  to  24  hours  of  the  testing  window. 


Tolly  engineers  assigned  a  subjective  score  to 
each  of  the  nine  product  criteria 
evaluated  and  tallied  a  composite  score  for  each 
product.  With  a  score  of  201,  the  Websense 
Web  Security  Gateway  almost  doubled  the 
point  total  of  its  next  nearest  competitor. 


In  Web  2.0  threat  detection,  accuracy  and 
effectiveness,  the  Websense  Web  Security 
Gateway  earned  a  score  of  98.9  %.  The  two 
closest  competitors,  McAfee's  Secure 
Computing  and  BlueCoat,  earned  40.2  %  and 
11.1  %,  respectively. 


For  more  info  on  this  test,  visit: 

http://www.tollY.com/DocDetail.aspx? 

DocNumber-208326 
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Document  number:  208326 


Product  class:  Web  security  gateway 


. 

Products  under  test: 


m 


Websense  Web  Security  Gateway 
Blue  Coat  Systems  ProxySG  210 
Cisco  Systems,  inc.  IronPort  S650 
Web  Security  Appliance 
Secure  Computing  Corp.  Secure 
Web  Webwasher 

Trend  Micro  Incv.  InterScan  Web 
Security  Suite 


Testing  window:  November  2008 


For  more  info  on  this  solution,  visit 
®  httf  ■  ■//www.  websense.  com 


In  addition  to  standard  URL  filtering  and  tradi¬ 
tional  malware  protection  that  is  available  on 
any  secure  Web  gateway,  Websense  is  the  first 
vendor  examined  by  Tolly  engineers  to  offer  a 
fully  integrated  Data  Loss  Prevention  (DLP) 
option,  allowing  the  company  to  offer  a  level  of 
DLP  unmatched  by  rival  products  tested.  The 
Websense  Web  Security  Gateway  delivers 
a  more  functional  management  interface, 
scalability  capabilities,  and  richer  reporting 
functions  than  rival  products  tested. 


"Many  of  our  customers  ask  how  they  can 
use  Web  2.0  to  drive  their  business  goals; 
how  they  can  say,  'Yes'  to  Web  2.0  without 
compromising  security  and  productivity,"  said 
Leo  Cole,  vice  president  of  marketing, 
Websense.  "We’re  confident  especially 
with  this  new  research  —  that  Websense  is 
uniquely  positioned  to  help  businesses  adopt 
Web  2.0  without  fear  of  malicious  code,  data 
loss,  or  productivity  issues." 


show  accelerated  iSCSI  solutions  on 

HP  ProLiant  s  rvers  and  adapters  improve 
server  efficiency  and  performance 


CPU  Utilization  Improvement  with  Hardware-Accelerated  iSCSI 
for  HP  StorageWorks  20121  Modular  Storage  Array 
(As  reported  by  iometer  2006.07.27) 
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100%  Read  100%  Write  70%  Read  30%  Write 


Request  Size  (in  bytes)  and  Access  Scenario 


•  Outperforms  software-based  iSCSI  by 
reducing  CPU  utilization  by  up  to  8X 
ware-accelerated  iSCSI  in 
1200  solution 


! 


IP 

■  Outperforms  software 
by  up  to  5X  reduced  CP 
with  hardware-accelerat 
the  MSA2012I  solutu 


ie  to  theoretical 
ectionai  iSCSI 
over  Gigabit  Ethernet 
with  up  to  112  MBps  {897 
one  Gb£  link  in  the 
1200  AiO  solution,  and  up  to  226 
MBps  (1.806  Mbps)  over  two  GbE 
links  in  the  MSA2Q12i  solution 


Sponsor:  Hewlett-Packard  Co. 

■ 

Product  class: 

•  Storage  Area  Network  - 
iSCSI  performance 

under  test: 


HC373T 

■  ",  W  HP  ProLiant  Hi  1 40  -G3 

, :  , 

Testing  window:  April  2008 

■  ;  ,  '  es  t  ■ 


Three  different  1/0  access  methods  were  tested 
with  100%  sequential  access  pattern  — 100% 
read,  100%  write  and  70%  read/30%  writa 

On  the  performance  side,  the  hardware- 
accelerated  iSCSI  demonstrated  close  to  the 
theoretical  maximum  unidirectional  iSCSI 
throughput  over  Gigabit  Ethernet  links,  with 
up  to  11 2  MBps  (897  Mbps)  over  one  GbE  link 
in  the  AiO  1200  solution,  and  up  to  226 
MBps  (1,806  Mbps)  over  two  GbE  links  in  the 
MSA  201 2i  solution.  The  performance 
benefits  of  multifunction  server  adapters 
in  ProLiant  servers  featuring  hardware- 
accelerated  iSCSI  triumph  over  traditional 
software-based  iSCI  initiators  communicating 
to  StorageWorks  storage  arrays. 

View  the  full  test  summary  at: 

http://www.to//y.com/DocDetailaspx? 

DocNumber^ 208305 


■  Software-Based  iSCSI  HI  Hardware-Accelerated  iSCSI 


If  there's  any  lingering  doubt  that  hardware- 
accelerated  iSCSI  improves  server  perform¬ 
ance  over  software-based  alternatives,  then 
a  recent  Tolly  report  examining  Hewlett- 
Packard  solutions  for  ProLiant  servers 
should  put  it  to  rest. 

A  July  2008  Tolly  report,  commissioned  by 
HR  found  that  the  company's  hardware- 
accelerated  iSCSI  solutions  reduce  server 
CPU  utilization  by  a  factor  of  8X  in  an  All¬ 


in-One  (AiO)  1200  Storage  System,  and  by 
5X  in  a  StorageWorks  201 2i  ModularSmart 
Array  (MSA). 

Tolly  engineers  tested  two  end-to-end  iSCSI 
solutions  from  HR  Test  results  in  almost  all 
cases  showed  noticeable  improvement  in 
the  peak  throughput  and  decreased  CPU  uti¬ 
lization  (the  lower,  the  better)  with 
hardware-accelerated  iSCSI  versus  software- 
based  iSCSI. 


Tests  initially  were  run  with  a  software-based 
initiator  enabled  for  the  iSCSI  traffic,  and  then 
repeated  with  the  hardware  acceleration 
enabled.  Software-based  iSCSI  tests  used  the 
Microsoft  iSCSI  Initiator  built  into  the  Windows 
Server  2003  Enterprise  x64  Edition  SP2  operating 
system  running  on  the  servers  under  test. 
Hardware-accelerated  iSCSI  tests  used  the 
iSCSI  initiator  running  in  hardware  on  an 
NC373i  LOM  adapter  and  a  NC373T  NIC. 


Goodbye  malware,  hello  micro-projector 

i 


Mark  Gibbs 


have  two  topics  this  week.  First,  it  appears  my 
malware  saga  has  come  to  a  satisfactory 
solution.  As  1  discussed  two  weeks  ago,  I  tried 
Malwarebytes  AntiMalware  to  exorcise  demons 
on  a  system  running  XP  Professional  SP2.  It 
GEARHEAD  worked  —  for  24  hours.  The  next  day  the  PC 
started  acting  flaky  again  even  though  Anti- 
Malware  was  declaring  the  system  clean. 

1  was  about  to  rebuild  the  machine  when  I  dis¬ 
covered  an  online  service  called  Reimage,  which  downloads  an 
ActiveX  control  to  your  Windows  PC,  then  launches  an  Internet 
Explorer  shell  that  scans  your  system. 

Reimage  produces  a  report  of  what  it  found  and  offers,  for  $65  for  a  sin¬ 
gle  PC  ($79  for  three  machines), to  fix  your  problems.This  magic  is  done 
by  removing  bogus  files  and  replacing  modified  files  from  Reimage’s 
online  repository  of  Windows  systems  components. 

So,  I  downloaded,  rebooted  in  safe  mode,  ran  the  scan,  let  Reimage 
perform  the  fix,  and  voilal  I  can’t  detect  any  signs  of  anything  amiss.The 
machine  runs  better  than  ever,  no  popups  are  appearing,  and  processor 
utilization  from  deferred  procedure  calls  and  all  other  services  are  with¬ 
in  normal  limits.Amazing. 

Reimage  is  the  result  of  some  two  and  half  years  of  development  and 
real-world  testing  on  more  than  6,000  PCs  affected  by  malware  and  cor¬ 
ruptions.  The  company  claims  a  99%  success  rate  on  repairs  (the 
remaining  1%  are  unrepairable  due  to  hardware  issues)  and  offers  a 
money-back  guarantee  with  no  questions  asked  if  not  satisfied. 

Now  the  downside:  Being  relatively  new,  the  user  interface  is  poor. 
When  you  run  in  safe  mode  (which  locks  you  into  640-by-480-pixel  res¬ 
olution)  the  client-side  control  uses  relatively  enormous  fonts  that  use 
up  way  too  much  screen.  And  at  the  end  of  the  run  I  allowed  the  repair, 


which  is  followed  by  a  reboot,  but  there’s  no  log  to  tell  me  what  was 
done.That  said,  Reimage  seems  to  have  fixed  my  problems. 

The  repair  also  didn’t  preserve  all  of  my  settings.  Windows  XP  thought 
my  time-zone  information  was  out  of  date  (looks  like  a  damaged  reg¬ 
istry  key),  the  start  bar  configuration  was  changed,  the  quicklaunch 
toolbar  was  disabled, and  my  logon  screen  background  was  set  to  black 
rather  than  the  usual  blue. 

All  the  same,  if  you  have  a  compromised  PC  and  no  time  to  rebuild, 
Reimage  may  be  an  inexpensive  way  to  resolve  the  problems.  I’ll  give 
Reimage  3  out  of  5.  If  they  make  it  so  the  service  tells  me  what  has  been 
fixed,  they’ll  get  4  out  of  5,  and  resolving  the  other  oddities  should  get 
them  full  marks. 

My  second  topic  this  week  is  a  micro-projector,  the  3M  MPro  110, 
which  is  similar  to  the  Nextar  Z10  that  my  Cool  Tools  colleague  Keith 
Shaw  covered  last  week.  For  25%  more  money  than  the  ZlO.the  MPro 
1 10  offers  the  same  resolution  in  a  box  that  is  about  25%  smaller  and 
just  a  quarter  of  the  weight.  Conversely  the  MPro  1 10  is  purely  a  projec¬ 
tor  and  cannot  show  content  from  memory  cards  like  the  Z10  can. 

While  the  MPro  1 10  has  good  image  quality,  it  also  has  a  few  notable 
flaws:  Its  image  is  not  very  bright  (you’ll  need  to  really  darken  the 
room);  there’s  a  tiny  but  noticeable  “pin  cushion”  distortion;  there’s 
light  spill  around  the  image  from  a  casing  around  the  lens  (a  weird 
oversight);  there’s  no  “keystone”  correction  (that  is,  the  image  can’t  be 
corrected  if  the  device  is  off  normal  to  the  screen);  and  there’s  no  tri¬ 
pod  mounting. 

The  MPro  1 10  is  cool  but  mostly  for  its  novelty  value,  and  at  $400,  it’s 
pricey  The  3M  MPro  1 10  gets  a  rating  of  2  out  of  5. 

Gibbs  projects  a  malware-free  image  in  Ventura,  Calif.  Display  your 
insights  to  gearhead@gibbs.com. 


HyperSpace:  More  like  impulse  power 


The  scoop:  HyperSpace,  by  Phoenix  Tech¬ 
nologies,  about  $40  per  year  (HyperSpace  Dual 
tested, the  HyperSpace  Hybrid  version  costs  $60 
per  year). 

What  it  is:  At  its  core,  HyperSpace  is  quick¬ 
booting  software  for  Windows  notebooks  (and 
netbooks)  that  aims 
to  speed  the  power-up 
and  power-down  se¬ 
quence,  and  save  the  notebook’s  battery  life. 

Basic  tasks  like  connecting  to  a  wired  or  wire¬ 
less  network  and  checking  Internet  e-mail  also 
can  be  performed. 

The  software  uses  a  Linux-based  environ¬ 
ment,  and  comes  in  two  versions:  HyperSpace 
Dual  creates  a  dual-OS  environment  for  your 
system  —  when  you’re  using  HyperSpace, 

Windows  is  not  available.To  use  Windows, you 
have  to  shut  down  HyperSpace.  The 
HyperSpace  Hybrid  version  lets  users  operate 
back-and-forth  between  Windows  and  the 
HyperSpace  environment.  Unfortunately  the 
Hybrid  version  only  works  with  PCs  that  include  the  Intel  Virtual 
Technology  component. 

Why  it’s  cool:  My  Dell  D620  Latitude  notebook  takes  about  2.5  minutes 
to  boot  up  to  a  point  at  which  my  wireless  network  is  connected.  The 
shutdown  process  is  similarly  painful  —  it  takes  about  a  minute  to  power 
down,  and  that’s  if  I’m  not  downloading  patches  or  ending  up  with  any 
weird  shutdown  error  messages. 

With  HyperSpace  installed,  I  booted  up  in  about  30  seconds,  and 
could  access  e-mail  and  the  Web.  Shutdown  time  with  HyperSpace 


was  even  quicker  —  1  powered  down  in  about  five  seconds. 

Some  caveats:  Installing  the  software  on  my  Dell  D620  Latitude 
notebook  took  some  time  —  first  I  had  to  make  sure  Windows  XP 
with  Service  Pack  3  was  installed  (it  wasn’t, so  that  took  some  time). 
The  HyperSpace  Dual  version  (the  Dell  notebook  couldn’t  install 
Hybrid)  required  a  re-partitioning  of  my  hard  drive,  which  took  about 

two  hours  to  complete.  At  the  moment, 
uninstalling  the  software  won’t  uninstall  the 
partitioning,  but  Phoenix  is  promising  to  fix 
that  for  Windows  XP  users  (so  an  uninstall 
will  also  un-partition). 

In  addition,  a  “My  Documents”  folder  in 
HyperSpace  doesn’t  work  with  the  Dual  ver¬ 
sion;  an  update  is  promised  that  will  let 
users  access  documents  on  their  hard  drive. 
Initially,  USB  mice  and  keyboards  were  not 
supported  through  HyperSpace,  but  a  patch 
fixed  that. 

Bottom  line:  HyperSpace  has  great  poten¬ 
tial,  but  I’d  like  to  see  some  non-Web  appli¬ 
cations,  particularly  music  and  DVD  applica¬ 
tions.  Phoenix  Technologies  says  a  software 
development  kit  is  in  the  works,  so  as  more  applications  become 
available  for  HyperSpace,  the  software  becomes  more  valuable.  Until 
then,  paying  $40  per  year  (or  more)  for  instant-on/off  capabilities 
might  seem  a  bit  steep  for  most  users.  If  I  can  be  on  the  road  and 
avoid  the  Windows  boot-up  altogether  (or  at  least  80%  of  the  time), 
that  would  be  well  worth  it. 

Grade:  ★★  (out  of  five). 

Shaw  can  be  reached  at  kshaw@nww.com. 


COOLTOOLS 


HyperSpace  gives  slow  laptop  start-ups 
the  boot. 


www.networkworld.com  •  JANUARY  26,  2009  •  25 


PACK  RAT  NATION 

As  they  play  in  the  global  information  economy 
U.S.  companies  stash  awav  more  data  than  they  can 
handle  effectively  The  2009  New  Data  Center  six-part 
series  opens  with  a  look  at  how  companies  are  cop¬ 
ing  with  the  escalating  problem  of  data  storage. 

Thinking  outside  the 
storage  box.  At  right. 


Thin  provisioning:  Don’t  let  the 
gotchas  getcha.  A  how-to  on 
getting  the  most  out  of  this 
advanced  storage  technology.  32 


The  big  data-center  synch. 

With  Fiore  Channel  over  Ethernet 
now  a  reality,  enterprises  prep  for 
data  and  storage  convergence.  35 


How  flash  is  changing  storage. 

And  five  vendors  pushing  flash- 
based  solid-state  technology  into 
the  enterprise.  38 


W  DATA  CENTER 

STRATEGIES  AMO  TECHNOLOGIES  FOR  OPTIMIZING  IT 


NEW  DATA  CENTER  ONLINE  EXCLUSIVES 


1 0  woeful  tales  of  data  gone  missing.  Lessons  learned  notwithstand¬ 
ing,  data  storage  tapes  go  missing  every  year.  Here’s  a  look  at  10  such  mishaps. 
www.nwdocfinder.com/842 1 

Five  innovative  flash-based  products  for  enterprise  storage.  Flip 

through  a  slide  show  of  servers,  storage  arrays  and  even  a  newfangled  disaster- 
recovery  device,  www.nwdocfinder.com/8423 

Is  FCoE  the  only  way  to  go?  Some  say  other  options  are  just  as  good,  if 
not  better,  for  converging  data  and  storage  networks.ww.nwdocfinder.com/8422 

Know  your  storage-efficiency  quotient.  Get  pointers  on 
increasing  storage  capacity  without  consuming  more  space  and 
energy,  in  a  podcast  with  Pillar  Data  Systems  CEO  Mike  Workman. 
www.nwdocfinder.com/8424 

Data-dedupe  state  of  the  art  Get  an  update  on  the  latest  data- 
deduplication  products,  with  Fidelma  Russo,  an  engineering  vice 
president  with  Sepaton.www.nwdocfinder.com/8425 


OUTSIDE 


With  storage  growth  tracking  at  60% 
annually,  according  to  IDC,  enterprises 
face  a  dire  situation.  Throwing  disks  at 
the  problem  simply  doesn’t  cut  it  any¬ 
more.  Andrew  Madejczyk,  vice  presi¬ 
dent  of  global  technology  operations  at 
pre-employment  screening  company 
Sterling  lnfosystems.  in  New  York,  likens 
the  situation  to  an  episode  of  “House,” 
the  popular  medical  drama. 

“On  ‘House,’  there  are  two  ways  to 
approach  a  problem.  You  treat  the  symp¬ 
toms,  or  you  find  out  what  the  root  cause 
is  and  actually  end  the  problem,” 

Madejczyk  says,  “With  storage,  up  until  now,  the  path  of  least  resistance  was  to  treat 
the  symptoms  and  buy  more  disks”  —  a  method  that  surely  would  ignite  the  ire  of  the 
show’s  caustic  but  brilliant  Dr.  Gregory  House. 

Were  the  doctor  prone  to  giving  praise,  he’d  give  a  call  out  to  enterprise  IT  man¬ 
agers  who  are  rethinking  this  traditional  approach  to  storage.  He’d  love  that  tech¬ 
nologists  are  willing  to  go  outside  their  comfort  zones  to  find  a  solution,  and  he’d 
thrive  on  the  experimentation  and  contentiousness  that  surround  the  diagnosis. 

House  probably  would  find  an  ally  in  Casey  Powell,  CEO  at  storage  vendor 
Xioteeh.  “Everybody  acknowledges  the  problem  and  understands  it,  but  nobody’s 
solving  it.  As  technologists,  we  have  to  step  back,  look  at  the  problem  and  design 
a  different  way,”  Powell  says. 


and  the  rise  in  Web  2.0 
applications  are  forcing 
a  storage  rethink.  Is  this 
the  end  of  the  SAN  as 
we  know  it? 


Optimizing  the  SAN 

Today  most  organizations  store  some  combination  of  structured,  database-type 
and  unstructured  file-based  data. in  most  cases,  they  rely  on  storage-area  network 
(SAN)  technologies  to  ensure  efficiencies  and  overall  storage  utilization,  keeping 
costs  down  as  storage  needs  increase. 

SANs  aren’t  enough,  however.  Enterprises  increasingly  are  turning  to  technologies 
that  promise  to  provide  an  even  bigger  bang  for  the  buck,  including  these: 


;e,up  until  now,  the  path 


of  least  resistance  was  to  treat  the 
sym  >toins  and  buy  more  disks. 

ANDREW  MADEJCZYK,  VICE  PRESIDENT  OF  GLOBAL 
TECHNOLOGY  OPERATIONS,  STERLING  INFOSYSTEMS 
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•  Data  deduplication,  which  helps  reduce  redundant 
copies  of  data  so  firms  can  shrink  not  only  storage  require- 

-r4  ments  but  also  backup  times. 

•  Tli in  provisioning,  which  increases  storage  utilization  by 
making  storage  space  that  has  been  overprovisioned  for  one 

m  application  available  to  others  on  an  as-needed  basis  (see 
“Thin  provisioning:  Don’t  let  the  gotchas  getcha,”page  32). 

•  Storage  tiering, which  uses  data  policies  and  rules  to  move 
noncritical  data  to  slower,  less  expensive  storage  media  and 
leave  expensive  Tier  1  storage  free  to  handle  only  the  most 
mission-critical  applications. 

•  Storage  resource  management  software,  which  helps 
JJ  users  track  and  manage  storage  usage  and  capacity  trends. 

“In  the  classic  SAN  environment,  these  tools  don’t  just  pro¬ 
vide  a  partial  solution. They  allow  you  to  make  fundamental 
improvements,”  says  Rob  Soderbery,  senior  vice  president  of 
Symantec’s  Storage  and  Availability  Management  Group. 
Clients  that  have  pursued  these  strategies  even  have  been 
able  to  freeze  storage  spending  for  a  year  at  a  time,  he  says. 
“And  when  they  get  back  on  the  storage  spending  cycle,  they 
get  back  on  at  about  half  the  spending  rate  they  were  at 
before,”  he  adds. 

Although  few  IT  executives  report  such  dramatic  reductions 
in  storage  spending,  many  are  pursuing  such  strategies. 

At  Sterling,  for  example,  moving  from  tape-  to  disk-based 
backups  via  Sepaton’s  S2100-ES2  virtual  tape  library  reduced 
the  time  it  takes  for  nightly  backups  from  12  to  just  a  few 
hours,  Madejczyk  says.  Sepaton’s  deduplication  technology 
provides  an  added  measure.  In  addition,  he  has  virtualized 
more  than  90%  of  his  server  environment, “reducing  our  foot¬ 
print  immensely’”  and  implemented  EMC  thin  provisioning 
and  storage  virtualization. 

Still,  his  company’s  storage  needs  keep  growing,  Madejczyk 
says.“In  this  economy  Sterling  is  being  very  responsible  and 
careful  about  what  we  spend  on,”  he  says.  “We’re  concentrat¬ 
ing  on  the  data-management  part  of  the  problem,  and  we’re 
seeing  results.  But  it’s  a  difficult  problem  to  solve.” 

Tom  Amrhein,  CIO  at  Forrester  Construction  in  Rockville, 
Md.,  has  seen  similar  growth.  The  company  keeps  all  data 
associated  with  its  construction  projects  in  a  project  man¬ 
agement  database,  so  the  vast  majority  of  that  stored  data  is 
structured  in  nature.  Regulatory  and  compliance  issues  have 
led  to  increased  storage  needs  nonetheless. 

“Most  companies  need  to  keep  their  tax  records  for  seven 
years,  and  that’s  as  long  as  they  need  to  keep  anything,” 
Amrhein  says.  “But  tax  records  are  our  shorter-cycle  data. 
Depending  on  the  jurisdiction,  the  time  we  could  be  at  fault 
for  any  construction  defect  is  up  to  10  years  —  and  we’re 
required  to  have  the  same  level  of  discovery  response  for  a 
project  completed  nine  years  ago  as  we  would  for  a  project 
that’s  been  closed  out  two  weeks.” 

Forrester  Construction  has  cut  down  a  bit  on  storage  needs 
by  keeping  the  most  data-intensive  project  pieces  —  building 
drawings,  for  example  —  on  paper.  “Because  the  scanning 
rate  is  so  high  and  paper  storage  costs  so  low,  retaining  those 
as  physical  paper  is  more  cost-effective,”  Amrhein  says. 

The  real  key  to  keeping  costs  in  check,  however,  is  storage-as- 
a-service,  Amrhein  says.  IT  outsourcer  Connectria  hosts  the 
company’s  main  application  servers,  including  Microsoft  Ex¬ 
change,  SQL  Server  and  ShareFbint;  project  management, 
finance, CRM  and  Citrix  Systems.lt  handles  all  that  storage, leav¬ 
ing  Forrester  Construction  with  a  predictable,  flat  monthly  fee. 


Go  online  for  three  tips 

ON  HOW  TO  DEAL  WITH  THE  MOUNTING 
VOLUMES  OF  UNSTRUCTURED  STORAGE. 
wvw.nwdocfinder.com/8423 


“I  pay  for  a  set  amount  of  gigabytes  of  storage  as  part  of  the  SLA  [service-level 
agreement],  and  then  I  pay  $1  per  gig  monthly  for  any  excess,”  Amrhein 
explains.“That  includes  the  backup,  restore  and  all  the  services  around  those. 
I’m  paying  $25K  a  month  to  Connectria,  plus  paying  for  about  10GB  over  my 
SLA  volume. That  overage  is  a  wash.” 

For  the  firm’s  unstructured  data,  Forrester  Construction  uses  Iron  Mountain’s 
Connected  Backup  for  PCs  service,  which  backs  up  all  PCs  nightly  via  the 
Internet.  If  a  PC  is  not  connected  to  the  Internet  at  night,  the  user  receives  a 
backup  prompt  on  the  next  connection.  “With  60%  of  the  people  out  of  the 
office,  this  is  perfect  for  us,”  Amrhein  says.“Plus,  Iron  Mountain  helps  us  reduce 
the  data  volume  by  using  deduplication,” he  says.“Even  for  people  on  a  job  site 
with  a  wireless  card  or  low-speed  connection,  it’s  just  a  five-  or  10-minute  thing.” 

Still,  the  unstructured  side  is  where  the  construction  company  sees  its  biggest 
storage  growth.  E-mail  and  saved  documents  are  the  biggest  problem  areas. 

The  rise  in  Web  2.0  data 

Forrester  Construction  is  not  alone  there.  In  the  enterprise,  IDC  reports,  struc¬ 
tured,  transactional  data  will  grow  at  a  27.3%  compounded  annual  rate  over 
the  next  three  to  five  years. The  rise  in  unstructured,  file-based  data  will  dwarf 
that  growth  rate,  however.  IDC  expects  the  amount  of  storage  required  for  un¬ 
structured,  file-based  data  to  increase  at  an  unprecedented  69.4%  clip.  By  2010, 
enterprises  for  the  first  time  will  find  unstructured  storage  needs  outstripping 
traditional, structured  storage  demands.  (See  “Got  files?”  below.) 

The  rub  here  is  that  although  SANs  are  extremely  efficient  at  handling  struc¬ 
tured,  transactional  data,  they  are  not  well  optimized  for  unstructured  data. 
“SANs  are  particularly  ill-suited  to  Web  2.0,  scale-out,  consumer-oriented-type 
applications,”  Symantec’s  Soderbery  says.“No.  1  ,the  applications’  architecture  is 
scale-out,  so  you  have  hundreds  or  thousands  of  systems  working  on  the  same 
problem  instead  of  one  big  system,  like  you  would  have  with  a  database.  And 
SANs  aren’t  designed  that  way  And  No.  2,  these  new  applications  —  like  storing 
photos  on  Facebook  or  video  or  display  ads  or  consumer  backup  data  —  are 
tremendously  data  intensive.” 

Symantec  hit  the  wall  with  this  type  of  data  in  supporting  its  backup-as-a-ser- 
vice  offering,  which  manages  26  petabytes  of  data,  Soderbery  says.That  prob¬ 
ably  puts  us  in  the  top  10  or  20  storage  consumers  in  the  world. We  could  never 

See  Rethink,  page  30 

GOT  FILES? 

The  explosion  of  file-based  data  will  see  unstructured  storage  needs 
surpass  structured  storage  demands  by  next  year,  IDC  reports. 

(For  results  of  a  reader  survey  on  structured  vs.  unstructured  data 
and  other  storage  drivers,  go  to  www.nwdocfinder.com/8426.) 


TOTAL  ENTERPRISE  DISK  STORAGE  SYSTEMS:  EXABYTES  (EB)  SHIPPED 
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■  File-based  EB  (+69.4%  CAGR) 


2010  2011  2012 

Block-based  EB  (+27.3%  CAGR) 
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Let's  leave  the  hardware  where  it  is. 

A  software-based  VoIP  solution  from  Microsoft  is  a  whole 
new  way  to  look  at  telephony.  As  it  turns  out,  that  important  move 
to  VoIP  isn't  about  ripping  and  replacing  or  big,  upfront  costs. 

That's  because  it's  no  longer  about  hardware.  It's  actually 
about  software.  That's  right.  Keep  your  hardware — your  PBX, 


your  gateways,  even  your  phones.  Add  software.  Software  that 
integrates  with  Active  Directory;*  Microsoft15  Office,  Microsoft 
Exchange  Server,  and  your  PBX.  Simply  maximize  your  current  PBX 
investment  and  make  it  part  of  your  new  software-based  VoIP 
solut  ion.  Because  what  you  have  is  good.  What  you  have  with  the 
right  software  is  even  better.  Learn  more  at  microsoft.com/yoip 


Your  potential.  Our  passion* 

Microsoft* 


Rethink,  continued  from  page  28 

afford  to  implement  a  classic  Tier  1  SAN  architecture,” he  says. 

Instead,  Symantec  went  the  commodity  path,  using  its  own 
Veritas  Storage  Foundation  Scalable  File  Server  software  to  tie 
it  all  together.'The  Scalable  File  Server  allows  you  to  add  file 
server  after  file  server,  and  you  get  a  single  namespace  out  of 
that  cluster  of  file  servers. This  in  turn  allows  you  to  scale  up 
your  application  and  the  amount  of  data  arbitrarily  And  the 
software  runs  on  pure  commodity  infrastructure,”  Soderbery 
explains.  Plus,  the  storage  communicates  over  a  typical  IP  net¬ 
work  vs.  a  more  expensive  Fibre  Channel  infrastructure. 

Symantec’s  approach  is  similar  to  that  of  the  big  cloud  play¬ 
ers,  such  as  Google  and  Amazon.com.  “We  happen  to  build 
packaged  software  to  enable  this,  whereas  some  of  the  early 
adopters  built  their  own  software  and  systems.  But  it  all  works 
the  same  wa^’ Soderbery  says. 

The  prudent  approach  to  storage  as  it  continues  to  grow, 
Soderbery  says,  is  to  optimize  and  use  SANs  only  for  those 
applications  that  merit  them  —  such  as  high-transaction,  mis¬ 
sion-critical  ERP  applications.  Look  to  emerging  commodity- 
storage  approaches  for  more  scale-out  applications,  such  as 
Web  2.0,  e-mail  and  interactive  call-center  programs. 

Does  that  mean  enterprises  need  to  support  SANs  and  new 
cloud-like  scale-out  architectures  to  make  sure  they’re  man¬ 
aging  storage  as  efficiently  as  possible?  Perhaps. 

Eventually  however,  the  need  to  support  unstructured, scale- 
out  data  will  trump  the  need  to  support  data  that  is  structured 
and  SAN-oriented,  IDC  research  shows.  With  that  in  mind, 
smart  organizations  gradually  will  migrate  most  applications 
off  SANs  onto  ne\y  less  expensive,  commodity  storage  setups. 

A  new  enterprise  approach 

One  interesting  strategy  could  provide  an  evolutionary  step- 
pingstone  in  the  interim:  using  Web  services.  Championed  pri¬ 
marily  by  Xiotech,  the  idea  is  to  use  the  Web-services  APIs  and 
standards  available  from  such  organizations  as  the  World 
Wide  Web  Consortium  (W3C)  as  the  communications  link 
between  applications  and  storage. 

“The  W3C  has  a  nifty  simple  model  for  how  you  talk  between 
applications  and  devices.  It  includes  whole  sets  of  standards 
that  relate  to  how  you  provision  resources  in  your  infrastruc¬ 
ture,  back  to  the  application,”  says  Jon  Toigo,  CEO  of  analyst 
firm  Toigo  Partners  International.  ‘All  the  major  application 
providers  are  Web-services  enabled  in  that  they  ask  the  infra¬ 
structure  for  services.  But  nobody  on  the  storage  hardware 
side  is  talking  back  to  them.” 

Nobody  that  is,  except  Xiotech. 

Xiotech’s  new  Intelligent  Storage  Element  (ISE)  is  the  first 
storage  ware  to  talk  back,  although  other  vendors  quickly  are 
readying  similar  technology  Toigo  says.  ISE,  based  on  technol¬ 
ogy  Xiotech  acquired  with  Seagate  Technology  is  a  commod¬ 
ity  building-block  of  storage, supporting  as  many  as  40  disk  dri¬ 
ves  plus  processing  power  and  cache  that  can  be  added  to 
any  storage  infrastructure  as  needed.  Xiotech  claims  ISE  can 
support  anything  from  high-performance  transactional  pro¬ 
cessing  needs  to  scale-out  Web  2.0  applications. 

All  storage  vendors  should  work  to  Web-services-enable 
their  hardware  and  software  so  they  can  communicate  di¬ 
rectly  with  applications,  Xiotech’s  Powell  says. This  would  pre¬ 
clude  vendor  lock-in  and  let  enterprises  build  storage  envi¬ 
ronments  using  best-in-breed  tools  instead  of  sticking  with  the 
all-in-one-array  approach.“They’d  be  able  to  add  more  storage, 
services  or  management,  without  having  to  add  everything 
monolithically  to  a  SAN,”  Fbwell  says. 

Eventually  Web  services  support  will  have  virtualized  stor¬ 
age  environments  realizing  even  greater  efficiencies,  to  the 
point  where  applications  themselves  provision  and  deprovi¬ 
sion  storage.  “Today  when  we  provision  storage,  we  have  to 


::  JANUARY  26,  2009 


WWW 


NDC 


guess,  and  typically  we  either  over-  or  underprovision,”  Powell  says. ‘And  then, 
when  the  user  is  no  longer  using  it,  we  seldom  go  back  and  reclaim  the  storage. 
But  the  application  knows  exactly  what  it  needs,  and  when  it  needs  it.Via  Web 
services,  it  can  request  what  it  needs  on  the  fly  and  as  long  as  its  request  is  with¬ 
in  the  parameters  and  policies  we  set  up  initially  it  gets  it.” 

Web  services  already  have  proved  an  efficient  storage  tack  at  ISE  user 
Raytown  Quality  Schools  in  Missouri, says  Justin  Waterman,  technology  coordi¬ 
nator  for  the  school  system.The  system  went  with  Xiotech  shortly  after  it  moved 
to  a  new  data  center  and  created  an  all-virtual  server  infrastructure.  A  big  plus 
has  been  Xiotech’s  Virtual  View  software,  which  uses  Web  services  to  communi¬ 
cate  with  VMware’s  VirtualCenter  management  console  for  its  ESX  servers, 
Waterman  says.  He  can  manage  his  virtualized  server  and  storage  infrastructure 
from  a  single  console. 

“When  you  create  a  new  data  store, Virtual  View  shows  you  what  port  and  LUN 
[logical  unit  number]  is  available  to  all  of  your  ESX  hosts  in  that  cluster? 
Waterman  says. ‘And  when  you  provision  it,  it  uses  Web  services  to  communi¬ 
cate  with  VirtualCenter,  and  says, ‘OK,  this  is  the  data  store  for  these  ESX  hosts.’ 
And  you  automatically  have  the  data  store  there  and  available  to  use.You  don’t 
even  have  to  refresh  or  restore.” 

That  bit  of  automation  saves  on  administration,  but  enabling  the  application 
to  do  the  provisioning  and  de-provisioning  would  be  an  even  greater  boon, 
Waterman  says.  “It’s  really  hard  to  get  more  staff,  and  you  only  have  so  many 
hours  in  the  day  If  you  don’t  have  to  tie  your  staff  up  with  the  repetitive  tasks  of 
carving  up  space  and  assigning  it, so  much  the  better? 

If  they  build  it . . . 

Now  Waterman  is  using  a  Web  service  from  Xiotech  partner  Eagle  Software 
to  improve  the  school  system’s  backup  times. 

Eagle,  a  storage  reseller,  provides  Raytown  with  backup  software  from  Comm- 
Vault  Systems.“The  Web-services  tool  lets  us  mirror  our  data,  pause  that  mirror, 
attach  that  to  the  backup  server,  back  it  up,  then  disconnect  it  from  the  backup 
server,  unpause  the  mirror,  and  re-sync  that  data  so  we  don’t  have  to  push  it 
across  our  Ethernet  network,”  Waterman  says. 

Like  Eagle,  companies  are  starting  to  develop  pieces  to  put  Web-services- 
enabled  storage  all  together, Waterman  adds.  Such  small,  point  approaches  are 
the  norm  today,  but  experts  say  that  in  five  or  10  years,  every  application  and 
every  device  will  use  some  kind  of  software  glue,  such  as  Web  services,  to  pro¬ 
vide  a  range  of  storage  and  IT  services  in  an  automated,  efficient  manner. 

“It  would  have  to  be  levels  of  software  that  create  services  that  include  com¬ 
puting  resources,  network  and  storage  infrastructure, and  the  retention  and  reli¬ 
ability  metrics  associated  with  all  of  those  components,”  Symantec’s  Soderbery 
says.“It  will  be  a  combination  of  the  point  solutions  we  see  now,  like  VMware 
and  SAN  virtualization  via  Cisco  and  Brocade,  plus  thin  provisioning,  replica¬ 
tion  and  deduplication.  We’re  going  to  require  all  of  those  things  to  work  in 
concert  with  a  level  of  software  that  ties  them  together  cohesively  to  provide 
those  appropriate  levels  of  service  to  the  application.” 

Others,  including  Ken  Steinhardt,  CTO  for  customer  operations  at  EMC,  are 
less  optimistic.  “If  someone  could  write  something  magical  that  does  things 
that  we’d  love  to  have,  wouldn’t  that  be  great?”  he  asks  rhetorically 

That  would  take  a  miracle, Steinhardt  says.“The  tools  to  write  software  are  out 
there,  but  the  catch  is  it’s  just  not  that  simple.You  need  to  be  able  to  have  a  solu¬ 
tion  that  works  broadly  across  a  range  of  applications  as  well, and  typical, high¬ 
ly  consolidated  environments  run  a  mix  of  broad,  diverse  apps,  not  just  a  sin¬ 
gle  application.  I  don’t  see  it  happening,”  he  says. 

The  Web  services  model  is  too  much  of  a  stretch  to  Steinhardt:  “From  a  stor¬ 
age  perspective,  Web  services  are  a  completely  separate  issue.  We’re  talking 
about  storing  zeros  and  ones  on  a  storage  device. That’s  pretty  agnostic  to  the 
individual  application  and  always  has  been,”  he  says. 

Not  so,  analyst  Toigo  asserts.  Web  services  provide  a  common  framework, 
so  by  default,  they  can  support  every  application. “People  need  to  tell  their 
vendors, ‘Look,  I’m  not  buying  your  junk  anymore  if  I  can’t  manage  it  using 
this  common  [Web  services]  metaphor,”’  he  says.  “That  puts  you  in  the  dri¬ 
ver’s  seat.” 

Cummings  is  a  freelance  writer  in  North  Andover,  Mass.  She  can  be  reached 
at  joanne@cummingslimited.  com. 


SunGard  Availability  Services  help  your  business  move  forward  with 
the  most  advanced  and  widest  choice  of  information  availability  options 
in  the  industry 


From  virtualization  to  hot  sites  to  replication  and  vaulting— SunGard  Availability  Services 
does  it  all.  And  it’s  all  we  do.  That  kind  of  focus  helps  ensure  high  availability  of  data, 
applications  and  systems  and  fits  your  needs  and  budget  precisely. 

When  we  partner  with  you,  you  worry  less  about  the  road  ahead.  Here’s  why: 
a  track  record  of  100%  successful  recoveries;  over  60  facilities  with  redundant 
power  connected  to  SunGard’s  secure  global  network;  and  more  than  20,000  end- 
user  positions  in  facilities  across  North  America  and  Europe.  SunGard  Availability 
Services— the  information  availability  solution  for  businesses  that  must  run  non-stop. 
Keep  moving,  call  1-800-468-7483  orvisitwww.availability.sungard.com. 
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Alerting  is  an  important 
aspect '(of  thin  provisioning] 
that  we  originally  missed. IT 

MATT  YOTKO,  SENIOR  IT  DIRECTOR,  IAC 


senior  IT  director  at  New  York  media  conglomerate  IAC, 
speaking  about  one  of  the  biggest  misconceptions  sur¬ 
rounding  thin  provisioning. 

You’ve  got  to  take  the  critical  step  of  setting  threshold 
alerts  within  your  thin-provisioning  tools  because  you’re 
allowing  applications  to  share  resources,  Yotko  says. 
Otherwise,  you  can  max  out  your  storage  space,  and  that  can 
lead  to  application  shutdowns  and  lost  productivity  because 
users  can’t  access  their  data. 

“You  can  get  pretty  close  to  your  boundary,  fast,  and  that 
can  lead  to  panicked  calls  asking  your  vendor  to  rush  you  a 
bunch  of  disks.  Alerting  is  an  important  aspect  that  we  origi¬ 
nally  missed, ’’Yotko  says. 

Yotko  has  since  integrated  threshold  alerts  for  lAC’s  3Par 
array  into  a  central  network  management  system,  he  says. 


Hold  on  a  sec  . . . 

IT  executives  shouldn’t  let  these  benefits,  attractive  as  they  are,  blind 
them  to  the  technology’s  requirements,  early  adopters  say.  You  can’t  just 
flip  the  switch  on  your  storage  pool  and  walk  away,  says  Matthew  Yotko, 


§1  Next-generation  storage  is  all  about  dynamic  allocation  of  resources,  and 
thin  provisioning  can  get  that  job  done  quickly  and  easily  —  but  not  carefree. 

As  thin  provisioning  —  also  called  dynamic  provisioning  or  flex  volumes 
—  becomes  a  standard  feature  in  virtual  storage  arrays,  IT  executives  and 
other  experts  warn  that  dynamic  resource  allocation  is  not  a  one-size-fits- 
all  proposition.  Applying  the  technology  in  the  wrong  way  could  create  a 
major  disaster,  they  caution. 

“Vendors  have  made  it  so  that  IT  teams  think, ‘Thin  provisioning  is  so  easy, 
why  wouldn’t  we  use  it?’  But  some  major  thinking  has  to  go  into  how  your 
storage  network  is  actually  architected  and  deployed  to  benefit  from  the 
technology?’ says  Noemi  Greyzdorf,  research  manager  at  IDC. 

In  traditional  storage  networks,  IT  has  to  project  the  amount  of  storage  a 
particular  application  will  need  over  time,  then  cordon  off  that  disk  space. 
This  means  buying  more  hardware  than  is  needed  immediately,  as  well  as 
keeping  poorly  utilized  disks  spinning  ceaselessly  —  a  waste  of  money 
and  energy  resources. 

With  thin  provisioning,  IT  can  keep  storage  growth  in  check  because  it 
need  not  commit  physical  disk  space  for  the  projected  amount  of  storage 
an  application  requires.  Instead,  IT  relies  on  a  pool  of  disk  space  that  it 
draws  from  as  the  application  needs  more  storage.  Having  fewer  idling 
disks  means  better  capacity  management,  increased  utilization,  and  lower 
power  and  cooling  consumption. 
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REMOTE  MONITORING  SOLUTIONS 


Monitor  the  REST  of 


Your  Computer  Room! 


Physical  Security 
Video 

Temperature 
Power  Problems 
Water  on  the  Floor 
Humidity 
Smoke  and  Fire 
And  much  more 


Instant  Notification  by  Phone  or 
E-mail  when  events  threaten  your 
Infrastructure. 


New  solutions  starting 
at  under  $ 1,000 

Dealers  Wanted 

Contact  us  today  to  discuss  your  application 
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•Supports  10/100/1000 

•  Stream  into  two  different  devices 

•  Rack  mount  up  to  three  across 

•  Supports  all  commercial  analysis  systems 

•  Also  works  with  open-source  tools 


Buffer  options: 

256  MB . 

512MB . 


NEW! 
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Learn  more.  Visit  www.networkTAPs.com, 
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Choose  from  a  variety  of  configurations,  options,  and  pricing.  Plus  a 
complete  line  of  copper  and  optical  nTAPs  for  full-duplex  analyzer  systems. 
Free  overnight  delivery* 
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www.networkTAPs.com  •  1-866-GET-nTAP 


C€ 


x  'Free  overnight  delivery  on  all  U.S.  orders  over  $295  confirmed  before  1 2  p.m.  Central  Time. 
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How  Do  You  Monitor, 
Distribute  &  Control 
High  Density  Cabinet 
Power  In-Feeds? 
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Server  Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 
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With  Sentry™!  H 

Switched  &  Smart  3-Phase  Power  Distribution  Units 


>  High  Power  Distribution: 

208V  3-Phase  30A/60A  or  400V  3-Phase  16A/32A 
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>  Flexible  Mounting: 

Zero  U  or  Modular  mounting  inside  the  cabinet 


>  Delta  or  Wye  In-Feeds: 

Wye  in-feeds  can  also  provide  120V  power  outputs 


>  Multiple  Outlet  Types: 

IEC  Cl  3,  Cl  9  &  NEMA  5-20R  outlets  in  multiple 
configurations 


>  Local  Current  LED's: 
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Verification  of  input  current  and  for  load  balancing. 


>  Environmental  Monitoring: 

External  temperature  &  humidity  probes. 
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>  Linking: 

Links  (2)  units  with  (1)  IP  address  for  Remote  Monitoring 

>  Remote  Control,  Monitoring  and  Security: 

Web  interface,  SSL,  SSH,  Telnet,  SNMP,  FTP,  SNTP,  tyslog,  ; 
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LDAP  &  LDAPS,  TACACS+  &  RS-232  access 
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Thin  provisioning,  continued  from  page  32 

Doing  that  lets  him  keep  tabs  on  how  myriad  file,  e-mail, 
domain-controller  and  Web-application  servers  for  15  busi¬ 
ness  units  are  handling  the  shared  resource  pool. That  pool 
supports  more  than  25TB  of  data,  he  adds. 

Yotko  also  calculates  the  time  between  an  application 
reaching  its  threshold  and  storage  being  drained,  and 
adjusts  his  alerts  accordingly  If  the  window  is  too  close,  he 
pads  it.The  goal  is  to  allow  sufficient  time  for  adding  capac¬ 
ity  —  and  avoiding  a  disaster,  he  says. 

By  setting  and  fine-tuning  his  alerts,  Yotko  reports  being 
able  to  realize  utilization  rates  of  more  than  80%  among  his 
array,  a  flip  from  the  less  than  20%  he  had  realized  before 
thin  provisioning. 

No  dumping  here 

Another  common  mistake  IT  teams  make  is  thinking  that 
every  application  is  a  candidate  for  thin  provisioning,  says 
Scott  McCullough,  manager  of  technical  operations  at 
Pittsburgh-based  manufacturer  Mine  Safety  Appliances. 

“The  only  applications  that  can  take  advantage  of  thin 
provisioning  are  those  for  which  you  can  predict  storage 
growth,”  McCullough  says.  For  that  reason,  he  uses 
NetApp’s  Provisioning  Manager  to  oversee  resource  pools 
for  his  Web  servers,  domain  controllers  and  Oracle  data¬ 
base,  but  not  the  company’s  high-volume  SQL  Server. That 
server  would  quickly  drain  any  projected  resource  allot¬ 
ment,  he  says. 

Before  he  thin-provisions  an  application,  McCullough 
studies  its  performance  to  make  sure  it  won’t,  endanger  the 
pool.  “It  doesn’t  make  sense  to  take  up  all  your  resources 
and  potentially  starve  other  applications,”  he  says. 

“You  definitely  need  to  be  able  to  forecast  or  trend  the 
application’s  trajectory?’  IDC’s  Greyzdorf  says.  Biomedical 
and  other  science  programs  can  be  particularly  tricky  for 
thin  provisioning,  she  notes,  because  they  can  start  off 
needing  200GB  of  storage  and  quickly  skyrocket 
to  3TB  with  the  addition  of  a  single  project. 

Choosing  the  wrong  applications  to  thin- 
provision  not  only  endangers  your  entire  stor¬ 
age  pool,  but  also  negates  any  management  and 
budget  relief  you  might  gain  otherwise.  Done 
correctly  thin  provisioning  should  reduce  the 
overall  time  spent  configuring  and  deploying 
storage  arrays.  If  applications  continuously  hit. 
their  thresholds,  however,  and  you’re  forced  to 
add  capacity  on  the  fly  that  benefit  is  quickly 
negated,  costing  you  in  terms  of  personnel  and 
budget. 

This  concern  has  ResCare  rolling  out  thin- 
provisioning  piecemeal,  says  Daryl  Walls,  man¬ 
ager  of  system  administration  at  the  Louisville, 

Ky,  healthcare  support  and  services  provider. 

“We  are  cautious  about  our  deployments.  We 
evaluate  each  implementation  to  see  whether  it 
makes  sense  from  an  application,  server  and 
storage  point  of  view;”  he  says. 

Once  his  applications  have  been  thin- 
provisioned,  Walls  closely  monitors  them  to 
make  sure  that  usage  patterns  don’t  change  dra¬ 
matically  In  the  worst  case,  that  would  require 
them  to  be  removed  from  the  pool. “A  few  times 
we’ve  underestimated,  usage  has  crept  up  on  us, 
and  we’ve  received  alerts  saying, ‘You’re  at  70% 
to  80%  utilization,”’ he  says.  In  those  instances,  IT 
teams  must  decide  whether  to  expand  the 
application’s  allotment,  procure  more  resources 
or  move  the  application  off  the  system. 
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What  goes  where 

Thin  provisioning  can  wreak  havoc  on  your  network  if  you  don’t  have 
proper  allotment  policies  in  place,  says  Matt  Vance,  CIO  at  Nutraceutical,  a 
health  supplements  company  in  Park  City  Utah. 

“IT  has  always  managed  and  controlled  space  utilization,  but  with  thin 
provisioning  you  can  get  a  false  sense  of  security  We’ve  found  that  even  with 
a  resource  pool,  you  still  need  to  take  responsibility  in  managing  the  way 
people  receive  and  use  storage.  Otherwise  you  wind  up  wasting  space,  and 
that’s  hard  to  clean  up  after  the  fact, ’’Vance  says. 

For  instance,  being  lax  about  monitoring  the  amount  of  space  users  and 
applications  are  absorbing  can  lead  to  overspending  on  hardware  and 
software,  and  necessitate  an  increase  in  system  management.  This  is 
particularly  concerning  in  Vance’s  environment,  where  the  principal  driver 
for  moving  to  virtualization  and  thin  provisioning  was  the  need  to  bring 
high-performance  database  applications  online  quickly  without  breaking 
the  bank  on  storage  requirements. 

Reporting  tools  have  become  essential  at.  Nutraceutical.  Each  time  an 
application  nears  its  threshold,  Vance  turns  to  Compellent  Technologies’ 
Storage  Center  software  tools  to  analyze  how  the  server  used  its  storage 
space.  “We  then  decide  whether  it  was  used  appropriately  or  if  we  need  to 
tweak  our  policies,”  he  says. 

Vance  says  he  is  a  solid  proponent  of  thin  provisioning,  but  he  cautions  his 
peers  to  stave  off  the  complacency  that  automation  can  bring  on:“We  can’t 
let  the  pendulum  swing  so  far  toward  automation  that  we  forget  to  identify 
where  IT  still  has  to  be  managing  its  resources.” 

Gittlen  is  a  freelance  technology  editor  in  the  greater  Boston  area.  She  can 
be  reached  at  sgittlen@verizon.net. 


WHERE  TO  FIND  THIN  PROVISIONING 

Offered  with  which  storage 


Company 

Thin  provisioning  tool 

virtualization  product/s? 

Pricing 

3Par 

3Par  Thin  Provisioning 

3Par  Utility  Storage  Platform 

Based  on  amount  of  written 
capacity,  but  3Par  does  not 
disclose  pricing  specifics. 

Compellent 

Technologies 

Dynamic  Capacity 

Storage  Center 

Not  available. 

■ 

DataCore  Software 

Virtual  Capacity 

SANmelody  and  SANsymphony 

Not  available. 

EMC 

Virtual  Provisioning 

Symmetrix  Enginuity,  Clariion  Flare 
and  Celerra  DART  operating  systems 

Not  available. 

HP  StorageWorks 
Division 

Dynamic  Capacity 
Management 

HP  StorageWorks  Enterprise  Virtual 
Array  (EVA)  suite 

Software  license  cost 
ranges  from  $5,600  to 
$13,000,  based  on  storage 
capacity  by  EVA  model. 

IBM 

Space-Efficient  Virtual 

Disks 

IBM  System  Storage  SAN  Volume 
Controller  (SVC) 

Available  at  no  additional 
charge  with  a  license  for 

SVC  base  storage  virtualiza¬ 
tion  function. 

LeftHand  Networks, 
an  HP  company 

SAN/iQ  Thin  Provisioning 

Virtualization  SAN,  Multi-Site  SAN, 
Starter  SAN  and  all  other  of  its  SAN 
products 

No  extra  cost. 

NetApp 

NetApp  FlexVol 

• 

Data  ONTAP  7G 

. 

Comes  at  no  extra  cost 
with  Data  ONTAP  7G,  which 
is  free  with  NetApp  FAS 
and  V-Series  Systems. 

Symantec 

Veritas  Storage  Foundation 

Veritas  Storage  Foundation  family 

Starts  at  $695  per  server. 
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THE  BIG 
DA1A-CENTER 

With  Fibre  Channel  over 
W  Ethernet  now  a  reality  enter- 

^  u  pj-j ses  prepare  for  data  and 

storage  convergence 


newdatacenter 


■  For  the  County  of  Los  Angeles  —  with  more  than  10  million 
residents,  the  nation’s  largest  county  —  the  timing  couldn’t  be 
better  for  the  arrival  of  Fibre  Channel  over  Ethernet  on  the  data¬ 
center  scene. 

L.  A.  County  is  in  the  middle  of  a  server  virtualization  initiative, 
a  data-center  redesign  and  construction  of  a  new  data  center 
scheduled  for  completion  in  late  2011.  “When  we  put  those 
three  things  together,  we  knew  we  needed  a  new  design  that 
could  accommodate  them  all,”  says  Jac  Fagundo,  the  county’s 
enterprise  solutions  architect. 

Because  it  can  unite  data  and  storage  networks  on  a 
lOGigabit  Ethernet  fabric,  FCoE  enabled  Fagundo  to  turn  that 
design  vision  into  a  reality 

The  plan  for  the  new  data  center  calls  for  extending  virtual¬ 
ization  beyond  hosting  servers  to  data  and  storage  networks, 
and  includes  an  overhaul  of  the  county’s  stovepipe  approach  to 
storage  and  server  deployments.“We  realized  we  were  going  to 
have  to  integrate  the  storage,” Fagundo  says, “so  we  decided,  why 
not  go  a  step  further  and  integrate  the. storage  and  IP  networks 
in  the  data  center?” 


The  county  started  looking  at  FCoE  as  an  option  about  a  year  ago.  It 
turned  to  Cisco,  its  Ethernet  switch  vendor,  and  last  September  completed 
a  proof-of-concept  trial  using  the  Nexus  7000  and  5000  switches. 
Introduced  last  year,  these  switches  represent  Cisco’s  biggest  push  yet  into 
the  enterprise  data  center.  The  5000  supports  a  prestandard  version  of 
FCoE,  while  the  7000  will  be  upgraded  with  FCoE  features  once  the 
American  National  Standards  Institute  finalizes  the  FCoE  standards,  proba¬ 
bly  later  this  year.  Cisco  currently  is  the  only  vendor  offering  FCoE  support. 
Its  chief  Fibre  Channel  competitor,  Brocade  Communications,  is  beta¬ 
testing  an  FCoE  switch  and  plans  to  make  it  available  later  this  year. 
Juniper  Networks  also  is  considering  adding  FCoE  capability 
to  its  data-center  switches  —  if  customer  demand  war¬ 
rants  it,  the  company  says. 

L. A. County  is  replacing  eight  Cisco  Catalyst  6500 
Ethernet  switches  with  two  Nexus  7000 
switches  in  its  data-center  core,  and  will 
add  a  Nexus  5000  switch  to  the  data- 
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center  distribution  network.  The  county  expects  to  have  live 
traffic  running  through  the  switches  by  spring. 

“This  is  a  multiyear  project  where  the  platform  features 
will  evolve  as  we  migrate  into  it,”  Fagundo  says. “Our  next- 
generation  data  center,  of  which  the  Nexus  switches  and 
FCoE  are  a  part,  is  a  design  that  we  plan  to  implement  over 
the  next  five  years.” 


A  technology  for  tough  times 

For  large  enterprises  operating  distinct  Fibre  Channel  stor¬ 
age-area  networks  (SAN)  and  Ethernet  data  networks,  FCoE’s 
potential  benefits  and  cost  savings  are  promising,  even 
though  the  technology  requires  new  hardware. 

“The  rule  of  thumb  is  that  during  tight  economic  times, 
incumbent  technologies  do  well  and  it’s  not  wise  to  introduce 
a  new  technology  —  unless  your  proposition  is  one  of  eco¬ 
nomic  favor’’  says  Skip  Jones,  president  of  the  Fibre  Channel 
Industry  Association  (FCIA).‘And  that’s  exactly  what  FCoE  is.” 

Jones  has  an  obvious  bias  toward  FCoE, 
but  Bob  Laliberte,  analyst  at  Enterprise 
Strategy  Group,  agrees.  “The  economy  will 
certainly  get  more  companies  to  look  at 
FCoE,”  he  says.  “If  vendors  can  show  how 
FCoE  can  reduce  the  cost  of  powering, 
cooling  and  cabling,  that  will  be  a  com¬ 
pelling  reason  for  companies  to  look  at  it.” 

At  a  minimum,  adopting  FCoE  lets  a 
company  consolidate  server  hardware 
and  cabling  at  the  rack  level.That’s  the  first 
step  in  moving  to  FCoE.  Then  more  con¬ 
solidation  can  take  place  in  the  core 
switching  fabric,  and  that  reduces  costs 
even  further.  Ultimately,  storage  arrays  will 
support  FCoE  natively  (NetApp  already 
has  announced  such  a  product),  making 
end-to-end  FCoE  possible. 

L.A.  County’s  Fagundo  expects  substan¬ 
tial  cost  savings  from  using  FCoE,  although 
he  declined  to  share  detailed  estimates.  He 
did  say  however,  that  power  consumption 
alone  will  be  cut  in  half  when  the  eight 
Cisco  Catalyst  switches  are  consolidated 
into  two  Nexus  switches.  In  addition,  FCoE 
will  let  the  county  reduce  server  hardware 
and  cabling  by  using  a  converged  network 
adapter  (CNA)  to  replace  Ethernet  net¬ 
work  interface  cards  and  Fibre  Channel 
host  bus  adapters. 

The  cost  savings  in  infrastructure,  com¬ 
ponents,  edge  devices  and  cabling  are 
compelling  reasons  to  consider  FCoE, 
agrees  Ian  Rousom,  corporate  data-center 
network  architect  at  defense  contractor 
Lockheed  Martin  in  Bethesda,Md.“Cabling 
is  often  overlooked,  but  you  potentially 
can  eliminate  one  of  two  cable  plants 
using  FCoE.  If  you  consolidate  racks,  you 
eliminate  the  biggest  source  of  cable 
sprawl  in  the  data  center” 

Cisco  estimates  that  enterprises  can 
expect  a  2%  to  3%  savings  in  power  con- 
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sumption  during  FCoE’s  rack-implementation  phase,  and  a  total  of  about  7% 
savings  once  FCoE  is  pushed  into  the  data-center  core. 

Tall  orders  for  FCoE 

The  promise  of  FCoE  lies  in  a  merged  data  and  storage  network  fabric,  but 
making  the  integration  happen  isn’t  easy  and  shouldn’t  be  done  without  care¬ 
ful  planning.  Typically  in  an  enterprise,  network  and  storage  management 
teams  don’t  work  together. That  has  to  change  with  FCoE. 

“Certainly  at  a  minimum,  collaboration  between  Ethernet  and  Fibre  Channel 
departments  will  have  to  increase,  and  merging  the  two  would  not  be  a  bad 
idea,”  says  Rousom,  who  is  considering  FCoE.  “The  people  who  manage  the 
infrastructure  have  to  agree  on  policy  change  processes,  troubleshooting  poli¬ 
cies  and  the  configuration  management  process.” 

That  could  be  a  tall  order  in  many  enterprises,  FCIAs  Jones 
says.“Network  and  storage  administrators  drink  different  kinds  of 
tea;  they’re  different  breeds.There  will  be  some  turf  wars.” 

L.A.  County  has  dealt  with  those  differences  by  combining  its 
data-center  storage  and  network  groups  under  a  single  manage¬ 
ment  umbrella.  Initially  the  groups’  engineering  staffs  were  con¬ 
cerned  about  merging,  Fagundo  says.  “Then  they  started  con¬ 
tributing  to  the  design  and  proof  of  concept,  and  now  they’re 
happy  about  it.” 

Beyond  cultural  issues,  enterprises  must  communicate  with 
their  server  vendors  to  find  out  whether  their  platforms  support 
CNAs  as  opposed  to  separate  Ethernet  and  Fibre  Channel 
adapters,  Rousom  says.  IT  managers  also  must  consider  security 
ramifications.“lf  the  Fibre  Channel  network  has  a  firewall  or  spe¬ 
cial  security  features,  the  FCoE  products  may  not  offer  those  as 
part  of  their  feature  sets,”  he  explains. 

For  now,  FCoE  is  gaining  traction  with  such  early  adopters  as 
L.A.  County  where  unique  circumstances  have  made  the  time 
right  to  consider  a  big  change.  Many  more  IT  executives  will  take 
a  more  cautions  approach,  however,  as  Rousom  is  doing. 

“The  fact  that  FCoE  is  still  in  the  standards  process  tells  me  that 
there  is  still  potential  for  change  at  the  hardware  level  before  this 
is  all  complete,”  Rousom  says.  “That,  more  than  anything,  is  pre¬ 
venting  me  from  buying  it.” 


Bushaus  is  a  freelance  technology  writer  in  the  Chicago  area. 
She  can  be  reached  at  dbushaus@mindspring.com. 


FCoE  INSIDE  THE  DATA  CENTER 

Fibre  Channel  over  Ethernet  enables  the  convergence  of  data  and  storage  networks 

over  a  10  Gigabit  Ethernet  fabric. 
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And  five 
vendors 
push  ins 
flash-based 
solid-state 

■ISloiy  technology 

into  the 

erfierprise’s  storage  enterprise 
arsenal,  and  for  r 

good  reason.  Flash- 
Based  approaches 
provide  better  per¬ 
formance  and  consume  less  energy  than 
systems  relying  on  traditional  rotating 
disk  drives. You  now  can  find  solid-state 
memory  embedded  in  servers,  storage 
arrays  and  even  in  a  newfangled  disaster- 
recovery  device.  Here  are  five  innovators. 


Axxana:  Black  boxes  for  stored  data 

This  Israeli  start-up  has  developed  a  unique  approach 
to  disaster  recovery  —  one  possible  only  because  of 
flash  memory,  company  founders  say.  Modeled  on  the 
concept  of  airplane  black  boxes,  Axxana’s  400-pound 
Phoenix  is  designed  to  survive  natural  disasters  and  ter¬ 
rorist  attacks  —  basically  anything  short  of  a  nuclear 
bomb.  In  addition,  the  Phoenix  can  transmit  data  wire¬ 
lessly  should  the  box  be  irretrievable  after  a  disaster. 

Standard  rotating  disk  drives  aren’t  robust  enough  for 
this  type  of  application.  “We  didn’t  want  to  use  mechanical 
devices  that  are  sensitive  to  vibrations  and  shock,”  says 
CTO  Alex  Winokur.“If  there  is  a  sudden  shock,  the  head  can 
scratch  the  surface.” 

Axxana  ruled  out  using  dynamic  random  access  mem¬ 
ory  (DRAM)  because  of  the  risk  of  losing  data.  Unlike  flash, 
DRAM  requires  backup  batteries  to  prevent  data  loss 
should  the  power  go  out. 

The  engineering  team  chose  flash  also  because  of  its  low 
power  consumption.  Axxana  was  careful  not  to  generate 
too  much  heat  inside  the  box.  “It’s  a  huge  technical  and 
mechanical  problem  to  solve,  really  —  how  to  isolate  the 
box  from  the  outside  and  dissipate  enough  heat  from 
inside,”  Winokur  says. 

Axxana  uses  STEC  flash  drives,  which  were  chosen 
for  their  resiliency,  speed  and  3.5-inch  form  factor. The 
drive  capacity  runs  at  73GB  to  300GB.  That  may  not 
sound  like  much,  but  Phoenix’s  innovative  design  does¬ 
n’t  require  much  storage. The  box  is  used  in  combina¬ 
tion  with  asynchronous  mirroring,  which  can  replicate 
data  to  other  sites  at  any  distance.  Some  bits  of  data 


are  lost  during  this  process,  and  only  those  bits  of  data  are  stored  on  the 
Axxana  system. 

In  beta  now,  Phoenix  will  be  available  at  the  end  of  this  quarter,  the  company 
says.  Target  customers  are  in  the  financial  services,  healthcare,  manufacturing, 
retail  and  government  industries. 

Axxana  has  not  disclosed  pricing,  but  says  the  cost  will  be  in  the  six-figure  range. 

EMC  !  Priming  the  flash  market 

EMC  didn’t  invent  flash  memory  but  its  decision  to  add  flash-based  disks  to  its 
flagship  Symmetrix  arrays  a  year  ago  sent  a  clear  signal  to  the  industry:  Flash  is 
ready  for  the  enterprise. 

“It  got  people  to  think  about  solid-state  disks  (SSD)  and  get  comfortable  with 
them  in  the  enterprise  environment,” says  Burton  Group  analyst  Gene  Ruth  “It  was 
a  signal  that  the  technology  is  viable  and  credible.” 

One  EMC  flash  buyer  is  Michigan’s  state  government,  which  has  1TB  of  flash  as 
part  of  a  Symmetrix  DMX-4  array  The  state  has  a  latency  problem  with  the  retrieval 
of  PDF  files,  largely  court  documents,  within  its  EMC  Documentum  content  man¬ 
agement  system,  says  Rick  Hoffman,  storage  administrator  for  the  state.  “Online 
transaction  systems  are  so  intense  that  we’re  looking  at  ways  to  speed  up  the  trans¬ 
actional  processing,  as  well  as  decrease  the  batch  [processing]  times,”  he  says. 

EMC’s  approach  causes  little  disruption  because  it  replaces  some  of  the  hard 
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disks  in  a  Symmetrix  array  with  SSDs,  Ruth  notes.  EMC  calls  this  “tier  zero,”  a 
new  tier  of  storage  for  applications  that  require  extremely  fast  data  retrieval. 

Placing  SSDs  in  existing  arrays  also  means  being  able  to  manage  them  along 
with  the  rest  of  the  disks  within  the  array,  adds  Andrew  Reichman,  a  Forrester 
Research  analyst.  EMC  nevertheless  should  develop  a  way  to  move  data  auto¬ 
matically  among  different  tiers  based  on  usage  patterns,  so  that  the  most  fre¬ 
quently  used  data  is  on  SSD  and  less  frequently  used  data  is  moved  to  less  expen¬ 
sive  disk,  he  says. 

As  it  stands  now,  storage  administrators  have  to  be  quite  knowledgeable 
about  which  volumes  belong  on  tier  zero  and  move  data  to  each  tier  manually 
A  better  tactic  would  be  to  move  data  automatically  around  the  different  tiers 
as  performance  needs  change,  Ruth  says.  This  is  an  approach  Sun  has  taken 
with  its  new  Amber  Road  storage  appliances,  which  use  the  Solaris  ZFS  file  sys¬ 
tem  to  recognize  different  I/O  patterns  and  move  data  around  automatically  to 
make  the  best  use  of  each  tier. 

Symmetrix  systems  generally  start  at  $200,000  for  about  10TB. Customers  adding 
flash  to  the  array  must  buy  at  least  four  73GB  drives.  On  a  per-gigabyte  basis,  flash 
is  about  20  times  more  expensive  than  traditional  drives, says  Bob  Wambach.EMC 
storage  marketing  director. 


Fusion-io:  Flash  in  the  SAN 

Fusion-io  brought  an  inexpensive  yet  effective  approach  to  the  flash-storage 
market  in  late  2007  when  it  introduced  the  ioDrive  —  a  PCI  Express  (PCle)  card 
loaded  with  flash  memory  that  is  inserted  directly  into  servers. At  the  time,  Fusion- 
io  boasted  that  the  ioDrive,  at  a  starting  price  of  just  less  than  $3,000,  delivers 
100,000  I/O  operations  per  second,  equivalent  to  the  IOPS  of  about  1,000  typical 
disk  drives  aggregated  in  a  storage-area  network  (SAN). 

The  ioDrive  has  a  downside,  however: The  flash  memory  is  limited  to  the  server 
in  which  the  PCle  card  is  inserted. 

Fusion-io  is  eliminating  that  problem  with  a  product  called  the  ioSAN,  which 
takes  the  vendor’s  basic  PCle  card  and  adds  two  network-interface  ports  that 
transport  data  using  InfiniBand  or  10  Gigabit  Ethernet.  With  just  one  Fusion-io 
card,  flash  memory  can  be  made  available  to  all 
servers  in  the  network.  Alternatively  storage  man¬ 
agers  can  aggregrate  multiple  ioSANs  into  what 
appears  as  one  logical-unit  number.  Using  flash 
minimizes  the  cost  of  cables  and  management 
software,  the  company  says. 

“Fusion-io’s  approach  is  certainly  novel,”  says 
1DC  analyst  Jeff  Janukowicz.  By  locating  flash 
closer  to  the  servers,  it  eliminates  system  bottle 
necks  and  vastly  improves  performance,  he  adds. 

IoSAN  is  in  beta  tests  at  a  few  large,  unnamed 
deployments  and  probably  won’t  be  available 
until  the  second  half  of  2009,  the  company  says. 

IoDrive  customers  are  not  necessarily  targets  for 
the  ioSAN.  For  example,  San  Francisco-based 
Wine.com  uses  six  ioDrives  for  a  large  ERP  data¬ 
base  because  it  realized  that  upgrading  its  current 
SAN  would  be  expensive  and  provide  only  mod¬ 
est  performance  improvements.  The  ioDrives  pro¬ 
vide  “a  pretty  amazing  performance  difference,” 
says  CTO  Geoffrey  Smalling. 

Smalling  is  satisfied  with  the  ioDrive,  however, 
and  probably  won’t  need  to  upgrade  to  the 
ioSAN,  he  says: “We’ve  got  enough  storage.” 
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DRAM:  Dynamic  random 
access  memory,  commonly  used  in 
solid-state  drives.  It  requires  power  to 
prevent  data  loss. 

FLASH:  Type  of  memory  com¬ 
monly  used  in  portable  consumer 
devices  and  solid-state  drives;  it's  non¬ 
volatile,  meaning  no  power  is  needed 
to  preserve  data. 


HARD-DISK 
DRIVE:  A  device  that  stores 
data  on  rapidly  rotating  platters  with 
magnetic  surfaces. 


spansion: 

From  cell  phones  to  servers 


This  company  is  a  newcomer  to  the  enterprise 
IT  space,  but  not  to  flash.  It  has  made  its  name 
over  many  years  embedding  flash  memory  in  cell 
phones,  automobiles  and  consumer  electronics. 
Now  Spansion  is  developing  EcoRAM  flash  mem¬ 
ory,  which  it  intends  to  embed  in  servers  to  speed 


NAND:  A  type  of  flash  mem¬ 
ory;  commonly  used  in  USB  flash  dri¬ 
ves  and  memory  cards. 

NOR:  A  second  type  of  flash 
memory;  offers  much  faster  read  times 
than  NAND. 

SOLID-STATE 
DRIVE:  Storage  devices  with 
no  moving  parts;  less  fragile  than 
hard  disks. 
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such  read-intensive  applications  as  Internet  search.  “It’s 
really  looking  for  some  new  way  to  go  beyond  traditional 
DRAM,”  IDC’s  Janukowicz  says. 

While  the  other  companies  highlighted  in  this  story 
rely  on  NAND  flash  memory,  Spansion  uses  NOR  flash. 
NOR  doesn’t  offer  anything  special  in  terms  of  write 
speeds,  but  is  approximately  100  times  faster  than  NAND 
when  it  comes  to  reads,  says  Jan  Silverman,  vice  presi¬ 
dent  of  Spansion’s  storage-server  business  unit. 

A  server  might  have  100GB  of  conventional  disk  and  1GB 
of  DRAM  for  main  memory,  Silverman  says.  When  data  is 
requested,  the  CPU  searches  main  memory;  if  it  isn’t  there, 
the  CPU  looks  for  it  on  disk.  It  then  transfers  the  data  to 
main  memory  for  the  requesting  application’s  use,  he  says. 
EcoRAM  replaces  the  conventional  disk  with  flash,  which 
is  treated  as  main  memory  readily  available  at  all  times. 

NOR  flash  and  DRAM  are  about  the  same  speed  for 
reads,  but  EcoRAM  has  the  advantage  of  being  able  to 
put  a  much  larger  data  set  onto  main  memory, Silverman 
says.  A  standard  x86  server  can  hold  as  much  as  half  a 
terabyte  of  EcoRAM  flash.  Some  DRAM  is  still  necessary 
to  serve  up  data  to  the  operating  system  and  application, 
but  all  random  searches  would  take  advantage  of  the 
server’s  flash  memory 

Spansion  expects  server  vendors  to  start  shipping 
EcoRAM-enabled  systems  this  quarter.  They  will  cost 
more  than  traditional  servers,  but  Spansion  predicts  its 
technology  will  let  customers  replace  four  traditional 
DRAM-based  servers  with  one  flash-based  server  and  cut 
total  costs  by  as  much  as  60%. 

IDC’s  Janukowicz  sees  no  readily  apparent  downsides 
to  Spansion’s  approach,  but  he  cautions  storage  man¬ 
agers  to  test  the  technology  carefully  before  using  it  with 
mission-critical  applications.  “It’s  more  of  an  unproven 
technology^’  he  says.  “We  certainly  have  years  of  history 
with  something  like  DRAM.” 

Texas  Memory  Systems: 

Bringing  the  big  guns 

Texas  Memory  has  developed  what  appears  to  be  the 
most  powerful  enterprise  flash-storage  system  yet,  breaking 
the  1  million  IOPS  barrier  with  the  RamSan-5000. 

Flash  isn’t  as  fast  as  Texas  Memory’s  DRAM-based  SSDs, 
but  aggregating  DRAM  is  cost-prohibitive,  IDC’s  Janukowicz 
says. “It’s  been  able  to  increase  the  storage  capacity  while 
offering  very  good  performance,”  he  says.  “The  raw 
performance  will  not  be  as  good  as  it  is  with  DRAM,  but 
you’re  getting  more  density  for  the  same  price.” 

The  RamSan-5000  is  ideal  for  critical  enterprise,  research 
and  government  applications,  such  as  large  online  trans¬ 
action  processing  systems  or  data  warehouses,  video  on 
demand,  data  rendering,  geospatial  analysis,  seismic  pro¬ 
cessing  and  data  acquisition,  the  company  says.  One  un¬ 
named  U.S.  customer  already  is  using  the  RamSan-5000, 
Texas  Memory  says. 

A  1  million  IOPS-capable  RamSan-5000  with  20TB  of 
RAID-protected  flash  memory  costs  roughly  $1.5  million, 
Texas  Memory  says.  It  combines  10  RamSan-500  arrays, 
each  of  which  delivers  100,000  IOPS. 

Wiland  Direct,  a  database  firm  outside  Denver  that  ana¬ 
lyzes  data  for  the  catalog  industry,  has  been  using  a 
RamSan-500  since  last  September  to  run  a  MySQL  data¬ 
base  that  handles  10  to  15  million  transactions  a  day 

“When  processing  such  huge  transaction  volumes,”  says 
Wiland  CTO  Phil  Tobias, “turnaround  time  is  crucial.”® 
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Place  your  bets  against  malware 


Mark  Gibbs 


i  he  response  to  my  recent  columns  on  mal¬ 
ware  have  ranged  from  admit  defeat,  wipe 
the  system,  and  start  again  to  fight  the 
good  fight  and  don’t  give  in. 

Reader  Richard  Dowdy  was  in  the  latter  cat- 
BACKSPIN  egory: “Don’t  give  in  to  malware  or  nuking!  I 
hang  my  head  in  shame  when  fellow  techs 
suggest  malware  is  too  tough  to  remove.  But, 
he  admits  there  is  an  argument  for  a  clean 
install:  Economics.“lf  you  are  paying  the  average  tech  to  deal  with  a 
particularly  nasty  infection,  a  clean  install  can  be  cheaper,  quicker 
and,  usually,  more  assured.” 

Dowdy  hit  the  nail  on  the  head.  Whether  you  are  going  to  fix  the 
problem  yourself  or  have  someone  else  do  it,  the  whole  thing  comes 
down  to  economics:  It  will  be  your  time  (which  is,  in  effect,  money)  or 
your  money  (which  is  real  money). 

The  other  issue  —  whether  you  can  be  assured  that  you’ve  killed  off 
the  malware  —  is  the  other  big  factor.  There’s  no  doubt  that  stripping  a 
machine  to  bare  metal  and  starting  again  is  the  most  reliable  way  to 
build  a  safe  machine,  which  leads  me  back  to  where  I  was  going  at  the 
end  of  last  week’s  Backspin. 

Allow  me  to  repeat  myself:  We  have  a  world  full  of  PCs  running  an 
operating  system  (Windows)  that  can  be  compromised  in  relatively 
easy  ways  that  are  hard  to  detect,  and  there  are  no  reliable  ways  to 
unwind  changes  if  we  do  find  out  we’ve  been  PWN’ed.And  the  obvi¬ 
ous  conclusion  is  that  things  are  going  to  get  a  lot  worse. 

How  could  things  get  worse?  People  sharing  quasi-active  content, 
more  compromised  Web  sites,  more  software  that  is  badly  engineered 
—  there  will  be  endless  opportunities  as  PCs  and  the  Internet  become 
evermore  pervasive. 


Now  the  malware  my  machine  had  was  not  much  more  than  a  pop¬ 
up  ad  server  (1  hope),  but  there  are  countless  rootkits  designed  to  steal 
data  such  as  account  names  and  passwords  and  credit-card  numbers. 

As  the  malware  vectors  increase  and  infections  rise,  we  can  expect 
identity  theft  to  soar.  Forget  incidents  such  as  Heartland  Payment 
Systems’  recent  loss  of  100  million  credit-card  transactions  —  fraudu¬ 
lent  use  of  malware-acquired  personal  data  will  become  far  more 
important  to  the  financial  world  and  the  government. 

So,  what  are  we  to  do?  Some  kind  of  “freezing”  of  existing  systems  is 
an  option. This  ensures  that  when  a  system  restarts  it  recreates  a 
known,  verifiable  configuration  that  is  thoroughly  locked  down  (the 
kind  of  control  that  Faronics  Deep  Freeze  used  to  provide  until  an 
“unfreezer”  was  created  in  2005).  1  suspect  that  hardware  support  will 
be  needed  for  this  to  work  reliably 

A  second  option  will  be  to  switch  to  more  easily  secured  systems. 
Linux  is,  of  course,  a  prime  candidate.  As  reader  Brandon  Sussman 
commented:". . .  Ubuntu  8. 10  is  scary  easy  For  grannies  in  New  Zea¬ 
land,  children  in  Spain  and  maybe  even  power-users  in  Manhattan.”But 
I  think  that  any  wholesale  movement  toward  Linux  will  just  cause  the 
malguys  to  shift  their  focus,  so  the  open  source  community  needs  to 
address  this  problem  soon  and  in  depth. 

There  is  a  third  option:  cloud-based  services.The  potential  is  for 
serious,  SaaS-style  services  to  be  built  and  run  by  experts  and  pro¬ 
vide  all  of  the  personal  productivity  applications  to  customers  run¬ 
ning  ultra-thin,  verifiable  safe  clients.  Of  course  this  will  require  that 
these  providers  run  operations  with  military-grade  security  and  mas¬ 
sive  “accident”  insurance. 

So,  which  one  or  ones  would  you  bet  on? 

Gibbs  will  take  your  wagers  at  backspin@gibbs.com. 


Scammers  channeling  ‘Office  Space’ 


NET8UZZ 


ussian  security  vendor  Kaspersky  Lab  last 
1  week  began  sounding  the  alarm  about  an 
overseas  mobile-phone  scam  that  smacks 
of  the  movie  “Office  Space”  and  may  portend 
future  dangers  for  global  users. 

It  may  also  add  grist  to  what  has  become  an 
ongoing  debate  here,  namely:  What  is  the 

mPWo  ineidhts  nrlriitips  risk/reward  ratio  35  mobile  phones  come  to 
— H i  handle  more  and  increasingly  sophisticated 

financial  transactions? 

According  to  Kaspersky  a  malicious  program  for  Symbian  and  writ¬ 
ten  in  Python  has  been  foisted  upon  customers  of  an  Indonesian  car¬ 
rier.  The  Trojan  sends  SMS  messages  that  prompt  the  transfer  of  small 
amounts  —  45  cents  to  90  cents  —  from  the  infected  user’s  account  to 
that  of  the  criminal.  Small  change,  yes,  but  if  the  scam  scales,  the  “result 
could  be  quite  substantial,”  Kaspersky  notes. 

The  theory,  as  put  forth  in  everybody’s  favorite  movie  about  sticking  it 
to  your  employer,  is  that  a  bunch  of  missing  change  is  less  likely  to  be 
noticed  than  the  loss  of  larger  sums.The  malware  writers  were  also 
helped  by  the  carrier’s  desire  to  provide  a  simple  method  of  transfer¬ 
ring  funds  to  a  customer  base  that  depends  upon  that  feature,  as  is  the 
case  in  less  affluent  nations.This  is  useful  when  you  need  to  commu¬ 
nicate  with  someone  who  does  not  have  enough  money  in  their 
account,”  the  Kaspersky  analysts  explain. 

Simple,  convenient  —  and  apparently  vulnerable. 

Might  the  risk  of  such  scams  jump  an  ocean  and  land  here? 

“It  seems  that  the  focus  on  financial  fraud  in  the  mobile  malware 
industry  will  only  get  more  pronounced  over  time,” says  Denis 
Maslennikov,  a  senior  malware  analyst  at  Kaspersky  Lab.“Until  recently, 
many  people  thought  that  malicious  programs  that  send  SMS  messages 
without  the  user’s  knowledge  were  a  purely  Russian  phenomenon. 


Now  we  can  see  that  the  problem  no  longer  affects  only  Russian  users 
—  it’s  becoming  an  international  issue.” 

Of  course,  it’s  always  worth  noting  that  vendors  such  as  Kaspersky 
make  their  livings  off  of  such  worries,  and,  in  some  cases, stoking  such 
worries  —  but  does  anyone  want  to  argue  that  he’s  wrong? 

Court  rules  Kentucky  does  not  own  the  Internet 

No,  the  government  of  Kentucky  cannot  seize  the  domain  names  of 
offshore  Internet  gambling  operations  just  because  the  governor  disap¬ 
proves  of  wagering  and  believes  himself  ruler  of  the  free  world. 

In  a  2-1  decision,  the  Kentucky  Court  of  Appeals  last  week  overruled 
a  lower  court  decision  that  allowed  Gov.  Steve  Beshear’s  Keystone  Cops 
to  confiscate  141  domain  names  last  fall. 

Faced  with  any  number  of  grounds  on  which  to  toss  this  turkey  the 
appeals  court  chose  to  hang  its  decision  on  an  interpretation  of 
Kentucky’s  “gambling  device”  forfeiture  statute,  writing: 

“  [I]t  stretches  credulity  to  conclude  that  a  series  of  numbers,  or 
Internet  address,  can  be  said  to  constitute  a  ‘machine  or  any  mechani¬ 
cal  or  other  device  . . .  designed  and  manufactured  primarily  for  use  in 
connection  with  gambling.’11 

Actually,  Kentucky’s  entire  approach  to  this  matter  stretches  credulity 

So,  that’s  the  end  of  that,  right?  Well,  not  necessarily 

A  spokesman  for  the  governor  tells  the  Lexington  Herald-Leader.  “We 
want  to  take  some  time  to  review  [the  ruling] .  No  decision  has  yet 
been  made  on  whether  to  appeal  it  to  the  state  Supreme  Court.” 

It’s  no  secret  that  I  believe  online  gambling  should  be  legal,  regulated 
and  taxed. That  others  may  disagree  I  can  understand.  Not  so  that 
Kentuckians  would  abide  such  legal  folly  —  and  such  an  affront  to 
Internet  freedom  —  on  the  part  of  their  officials.Throw  the  bums  out. 

Throw  comments  to  me  via  buzz@nww.com. 
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With  NetApp®  at  the  heart  of  your  business,  you  can 
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at  a  fraction  of  the  cost  and  footprint. 


imagine  storage  and  data  management  solutions  smart  enough  to  support  the  data  you  need,  and  not  a  lot  of  dead  weight. 

It's  possible  when  you  partner  with  NetApp.  Our  industry-leading  solutions  use  deduplication  and  other  space-saving  technologies 
to  help  you  store  data  efficiently  and  reduce  your  footprint  by  50%  or  more.  So  you  can  manage  exponential  growth  while 
minimizing  your  storage  investment — all  with  the  support  of  a  team  that  will  exceed  your  expectations.  See  how  we  can  help 
your  business  go  further,  faster.  Find  out  how  you  can  use  50%  less  storage,  guaranteed*  at  netapp.com/efficiency. 
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States  and/or  other  countries.  All  other  brands  or  products  are  trademarks  or  registered  trademarks  of  their  respective  holders  and  should  be  treated  as  such.  ‘This  guarantee  and  related  Program  is  limited  to 
the  terms  set  forth  in  the  Program  Guide  and  Acknowledgement  For  50%  Virtualization  Guarantee  Program  document,  applicable  only  to  prospective  orders  placed  after  the  Program  effective  date  and  is  dependent 
upon  your  compliance  with  the  terms  and  conditions  set  forth  in  this  document  and  any  of  the  instruction  sets  and  specifications  set  forth  in  the  referenced  documents.  NetApp’s  sole  and  exclusive  liability  and 
your  sole  and  exclusive  remedy  associated  with  the  terms  of  this  guarantee  and  related  Program  is  the  provision  by  NetApp  of  the  additional  storage  capacity  as  set  forth  in  this  guarantee  and  related  Program. 


ALTERNATIVE  THINKING  ABOUT  SYSTEM  POTENTIAL: 


Compromising  is  fine.  For  other  people.  But  now  you  can  watch  your  bottom  line, 
while  still  getting  a  look  into  the  future.  The  HP  portfolio  of  solutions  erases  the  gap 
between  cost  and  innovation,  while  delivering  reliable  ProLiant  technology,  all  at 
prices  that  require  a  second  look.  So,  while  others  try  to  think  outside  the  box  — we're 
rethinking  what  goes  on  inside  it. 


Xeon 

inside 

I 

Powerful. 

Efficient. 


Technology  for  better  business  outcomes. 


for 


$18/mo. 

[PN:  Q1580SB] 


Lease 


ust 


Smart 


One-Button  Disaster  Recovery  feature 
easily  restores  lost  files,  applications 
Store  up  to  160GB  on  a  single  cartridge, 
while  backing  up  to  50GB/hr. 


M 


Lease  for  just  $110/mo. 

Smart  [PN:  481658-001] 


■  - "  ('■  \  • 


Supports  up  to  8  server  blade 
devices  in  a  611  enclosure 
3-year  limited  warranty 


2mm 


. 

Lease  for  just  $21/mo. 

Smart  [PN:  470064-763] 

•  Powered  by  the  Intel®  Core™  2  Duo  Processor 

•  One  250GB  SATA  hard  drive 

•  2GB  memory 

•  1-year  limited  warranty 


Lease  for  just  $22/mo. 

[PN:  480965-B21] 

Powered  by  the  Intel®  Xeon®  Processor 

•  2GB  memory 

•  1-year  limited  warranty 


See  additional  HP  models  which  feature  small  form  factor,  high-performance  SAS  hard  drives. 


To  learn  more,  call  1-866-625-1016  or  visit  hp.com/servers/rethinkl5 


Prices  shown  are  HP  Direct  prices;  reseller  and  retail  prices  may  vary.  Prices  shown  are  subject  to  change  and  do  not  include  applicable  stole  and  local  taxes  or  shipping  to  recipient's  oddress.  Offers  cannot  be  combined  with  ony  other  offer 
or  discount  ond  ore  good  while  supplies  lost.  All  featured  offers  available  in  U.S.  only.  Savings  based  on  HP  published  list  price  of  configure-to-order  equivalent  (Enclosure:  $5,822  -  $1,863  instant  savin 
Server:  $1,530  -  $631  instant  savings  =  SmortBuy  price  of  $899;  Rack  Server:  $1,188  -  $339  instant  savings  =  SmartBuy  price  of  $849;  Tape  Drive:  $809  -  $80  instant  savings  =  SmartBuy  price  of  $729). 

Intel,  the  Intel  logo,  Xeon  and  Xeon  Inside  are  trademarks  of  Intel  Corporation  in  the  U.S.  and  other  countries. 

©  2008  Hewlett-Packard  Development  Company,  L.P.  The  information  contained  herein  is  subject  to  change  without  notice. 


